Description

Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting (XSS) enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in version(s) 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implementing IHtmlSanitizer.

INFO

Published Date :

2024-05-21T13:42:27.260Z

Last Modified :

2024-08-02T03:07:46.766Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35218 vulnerability.

Vendors Products
Umbraco
  • Umbraco Cms
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35218.

URL Resource
https://github.com/umbraco/Umbraco-CMS/commit/1b712fe6ec52aa4e71b3acf63e393c8e6ab85385 cve-icon cve-icon
https://github.com/umbraco/Umbraco-CMS/commit/a2684069b1e9976444f60b4b37a80be05b87f6b6 cve-icon cve-icon
https://github.com/umbraco/Umbraco-CMS/commit/cbf9f9bcd199d7ca0412be3071d275556f10b7ba cve-icon cve-icon
https://github.com/umbraco/Umbraco-CMS/commit/d090176272d07500dac0daee7c598aa8bb321050 cve-icon cve-icon
https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-gvpc-3pj6-4m9w cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact