umbracocms is vulnerable to privilege escalation. A user without Applications.Settings access is able to visit a logviewer endpoint due to incorrect access control in Editors/LogViewerController.cs
.
CPE | Name | Operator | Version |
---|---|---|---|
umbracocms.web | le | 8.9.1 |