Moderate severityNVD Advisory· Published Jan 23, 2020· Updated Aug 4, 2024
CVE-2020-7210
CVE-2020-7210
Description
Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
UmbracoCMS.CoreNuGet | < 8.5.0 | 8.5.0 |
Affected products
2- Umbraco/CMSdescription
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-gqqf-8cx6-9r7hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-7210ghsaADVISORY
- packetstormsecurity.com/files/156062/Umbraco-CMS-8.2.2-Cross-Site-Request-Forgery.htmlghsax_refsource_MISCWEB
- seclists.org/fulldisclosure/2020/Jan/33ghsamailing-listx_refsource_FULLDISCWEB
- sec-consult.com/en/blog/advisories/cross-site-request-forgery-csrf-in-umbraco-cmsghsaWEB
- sec-consult.com/en/blog/advisories/cross-site-request-forgery-csrf-in-umbraco-cms/mitrex_refsource_MISC
- sec-consult.com/en/vulnerability-lab/advisories/index.htmlmitrex_refsource_MISC
- seclists.org/bugtraq/2020/Jan/35ghsamailing-listx_refsource_BUGTRAQWEB
News mentions
0No linked articles in our index yet.