2 matches found
CVE-2020-29454
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access...
CVE-2020-29454
CVE-2020-29454 affects Umbraco up to 8.9.1. Editors/LogViewerController.cs improperly enforces access, allowing a user without Applications.Settings to visit the logviewer endpoint. The connected sources confirm the vulnerable component and the access-control bypass but do not provide a concrete ...