Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-48313: DOM-based stored cross-site scripting

Umbraco is an ASP.NET content management system (CMS). Starting in 10.0.0 and prior to versions 10.8.1 and 12.3.4, Umbraco contains a cross-site scripting (XSS) vulnerability enabling attackers to bring malicious content into a website or application. Versions 10.8.1 and 12.3.4 contain a patch for this issue.

CVE
Open in Source
#xss#vulnerability#web#asp.net

Package

nuget Umbraco.CMS (NuGet)

Affected versions

> 10.0.0

Patched versions

10.8.1, 12.3.4+

Description

Impact

Cross-site scripting (XSS) enable attackers to bring malicious content into a website or application.

Explanation of the vulnerability

To be revealed at a later point in time.

Related news

GHSA-v98m-398x-269r: DOM-XSS on Backoffice login screen.

#### Impact Cross-site scripting (XSS) enable attackers to bring malicious content into a website or application.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE