Lucene search
PRIOn knowledge basePRION:CVE-2023-38694HistoryDec 12, 2023 - 5:15 p.m.
Design/Logic Flaw
2023-12-1217:15:00
PRIOn knowledge base
www.prio-n.com
2
umbraco
asp.net
cms
html injection
vulnerability
version 8.0.0
security patch
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.1.0, a user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. Versions 8.18.10, 10.7.0, and 12.1.0 contain a patch for this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| umbraco_cms | ge | 8.0.0 | |
| umbraco_cms | lt | 8.18.10 | |
| umbraco_cms | ge | 9.0.0 | |
| umbraco_cms | lt | 10.7.0 | |
| umbraco_cms | ge | 11.0.0 | |
| umbraco_cms | lt | 12.1.0 |
Related
cvelist
cvelist
github
github
Possible injection of HTML into user invite mails
2023-12-13 13:17:37
osv
osv
CVE-2023-38694
2023-12-12 17:15:07
Possible injection of HTML into user invite mails
2023-12-13 13:17:37
nvd
nvd
CVE-2023-38694
2023-12-12 17:15:07
veracode
veracode
HTML Injection
2023-12-13 07:29:28
cve
cve
CVE-2023-38694
2023-12-12 17:15:07