3 matches found
CVE-2023-49273 Umbraco CMS vulnerable to Privilege Escalation using Spoofing
Umbraco is an ASP.NET content management system CMS. Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, users with low privileges Editor, etc. are able to access some unintended endpoints. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue...
CVE-2023-49273
Summary : CVE-2023-49273 affects Umbraco CMS (ASP.NET). Starting with 8.0.0 up to but not including patches, low-privilege users (e.g., Editor) can access unintended endpoints. Affected versions include 8.x before 8.18.10, 10.x before 10.8.1, and 12.x before 12.3.4. Mitigation/Remediation : upgra...
CVE-2023-49273 Umbraco CMS vulnerable to Privilege Escalation using Spoofing
Umbraco is an ASP.NET content management system CMS. Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, users with low privileges Editor, etc. are able to access some unintended endpoints. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue...