Vulnerability Details CVE-2023-48313
Umbraco is an ASP.NET content management system (CMS). Starting in 10.0.0 and prior to versions 10.8.1 and 12.3.4, Umbraco contains a cross-site scripting (XSS) vulnerability enabling attackers to bring malicious content into a website or application. Versions 10.8.1 and 12.3.4 contain a patch for this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.5%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-48313
-
cpe:2.3:a:umbraco:umbraco_cms:10.0.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.0.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.1.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.1.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.2.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.2.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.3.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.3.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.3.2
-
cpe:2.3:a:umbraco:umbraco_cms:10.4.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.4.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.4.2
-
cpe:2.3:a:umbraco:umbraco_cms:10.5.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.5.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.6.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.6.1
-
cpe:2.3:a:umbraco:umbraco_cms:10.7.0
-
cpe:2.3:a:umbraco:umbraco_cms:10.8.0
-
cpe:2.3:a:umbraco:umbraco_cms:12.0.0
-
cpe:2.3:a:umbraco:umbraco_cms:12.0.1
-
cpe:2.3:a:umbraco:umbraco_cms:12.1.0
-
cpe:2.3:a:umbraco:umbraco_cms:12.1.1
-
cpe:2.3:a:umbraco:umbraco_cms:12.1.2
-
cpe:2.3:a:umbraco:umbraco_cms:12.2.0
-
cpe:2.3:a:umbraco:umbraco_cms:12.3.0
-
cpe:2.3:a:umbraco:umbraco_cms:12.3.1
-
cpe:2.3:a:umbraco:umbraco_cms:12.3.2
-
cpe:2.3:a:umbraco:umbraco_cms:12.3.3