Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, users with low privileges (Editor, etc.) are able to access some unintended endpoints. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.
References
Link | Resource |
---|---|
https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-cfr5-7p54-4qg8 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
15 Dec 2023, 18:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-12 19:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-49273
Mitre link : CVE-2023-49273
CVE.ORG link : CVE-2023-49273
JSON object : View
Products Affected
umbraco
- umbraco_cms
CWE
CWE-863
Incorrect Authorization