NuGet package
umbraco.cms.infrastructure
pkg:nuget/umbraco.cms.infrastructure
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-55488 | — | < 15.0.0 | 15.0.0 | Jan 22, 2025 | A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. NOTE: This has been disputed by the vendor since this potential attack is only possible via authenticated users who have been | ||
| CVE-2023-37267 | — | >= 9.0.0, < 10.6.1 | 10.6.1 | Jul 13, 2023 | Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1. |
- CVE-2024-55488Jan 22, 2025affected < 15.0.0fixed 15.0.0
A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. NOTE: This has been disputed by the vendor since this potential attack is only possible via authenticated users who have been
- CVE-2023-37267Jul 13, 2023affected >= 9.0.0, < 10.6.1fixed 10.6.1
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1.