MEDIUM 4.3 NuGet
Incorrect permission enforcement in UmbracoCms
GHSA-4vp3-vfww-8648 · CVE-2020-29454
Published · Modified
Description
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
References
Ready to move
Start Securing
Free, no credit card | First findings in minutes