Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-6xmx-85x3-4cv2: Stored XSS via SVG File Upload

Impact

A user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media directly in a browser, the scripts can be executed.

Workaround

Implement the server side file validation https://docs.umbraco.com/umbraco-cms/reference/security/serverside-file-validation

or

Serve all media from an different host (e.g cdn) that where umbraco is hosted

ghsa
#xss#vulnerability#git

Skip to content

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
  • Pricing

Search code, repositories, users, issues, pull requests…

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2023-49279

Stored XSS via SVG File Upload

Package

nuget Umbraco.CMS (NuGet)

Affected versions

>= 7.0.0, < 7.15.11

>= 8.0.0, < 8.18.9

>= 9.0.0, < 10.7.0

>= 11.0.0, < 11.5.0

>= 12.0.0, < 12.2.0

Patched versions

7.15.11

8.18.9

10.7.0

11.5.0

12.2.0

Description

Published to the GitHub Advisory Database

Dec 13, 2023

Severity

CVSS base metrics

User interaction

Required

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:N

Weaknesses

GHSA ID

GHSA-6xmx-85x3-4cv2

Source code

Related news

CVE-2023-49279: Stored XSS via SVG File Upload

Umbraco is an ASP.NET content management system (CMS). Starting in version 7.0.0 and prior to versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0, a user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media directly in a browser, the scripts can be executed. Versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0 contain a patch for this issue. Some workarounds are available. Implement the server side file validation or serve all media from an different host (e.g cdn) than where Umbraco is hosted.

ghsa: Latest News

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization