Security Advisory

CVE-2024-35239

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-28 20:15:28

Last updated 2024-08-02 03:07:46

Assigner GitHub_M

State PUBLISHED

Description

Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13).

← Browse all CVEs View on cve.org ↗