Umbraco: >> Umbraco Cms >> 7.12.3 Security Vulnerabilities
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
CVSS Score
6.5
EPSS Score
0.026
Published
2020-12-30
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.
CVSS Score
4.8
EPSS Score
0.004
Published
2018-11-27
Page 2