Duplicate Advisory: Umbraco CMS Cross-site Scripting vulnerability

GHSA-4gmq-m9vp-jrwg

Published Nov 4, 2024 · Modified Feb 19, 2025

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-69cg-w8vm-h229. This link is maintained to preserve external references.

Original Description

A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id{} of the component Dashboard. The manipulation of the argument culture leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

References

WEB https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-69cg-w8vm-h229
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-10761
WEB https://drive.google.com/file/d/1YoZgdlS3QT7Xu005j9RO-FFUT8RbB0Da/view?usp=sharing
PACKAGE https://github.com/umbraco/Umbraco-CMS
WEB https://vuldb.com/?ctiid.282930
WEB https://vuldb.com/?id.282930
WEB https://vuldb.com/?submit.427091

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes