Umbraco: >> Umbraco Cms >> 12.0.0 Security Vulnerabilities
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.1.0, a user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. Versions 8.18.10, 10.7.0, and 12.1.0 contain a patch for this issue.
CVSS Score
3.5
EPSS Score
0.005
Published
2023-12-12
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-07-13
Page 2