Security Advisory

CVE-2023-38694

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-12 17:09:08

Last updated 2024-08-02 17:46:56

Assigner GitHub_M

State PUBLISHED

Description

Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.1.0, a user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. Versions 8.18.10, 10.7.0, and 12.1.0 contain a patch for this issue.

← Browse all CVEs View on cve.org ↗