Umbraco CMS prior to 8.18.10, 10.8.1, and 12.3.0 allows path traversal vulnerabilit
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
Cvelist | CVE-2023-49089 Umbraco CMS possible path traversal when creating packages from backoffice | 12 Dec 202319:02 | â | cvelist |
NVD | CVE-2023-49089 | 12 Dec 202319:15 | â | nvd |
OSV | Using the directory back payload (â/../â) in a package name allows placement of package in other folders. | 13 Dec 202313:24 | â | osv |
OSV | CVE-2023-49089 | 12 Dec 202319:15 | â | osv |
Prion | Path traversal | 12 Dec 202319:15 | â | prion |
Veracode | Path Traversal | 13 Dec 202306:10 | â | veracode |
Github Security Blog | Using the directory back payload (â/../â) in a package name allows placement of package in other folders. | 13 Dec 202313:24 | â | github |
[
{
"vendor": "umbraco",
"product": "Umbraco-CMS",
"versions": [
{
"version": ">= 8.0.0, < 8.18.10",
"status": "affected"
},
{
"version": ">= 9.0.0-rc001, < 10.8.1",
"status": "affected"
},
{
"version": ">= 11.0.0-rc1, < 12.3.4",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo