MEDIUM 6.5 NuGet
Withdrawn Advisory: Umbraco Rich Text Display allows Cross-Site Scripting
GHSA-572q-86rr-5vgq
Published · Modified
Description
Withdrawn Advisory
This advisory has been withdrawn because the issue is a documented security. This link is maintained to preserve external references. For more information, see https://github.com/github/advisory-database/pull/5270.
Original Advisory
A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-55488
- WEB https://github.com/github/advisory-database/pull/5270
- WEB https://github.com/umbraco/Umbraco-CMS/pull/17164
- PACKAGE https://github.com/umbraco/Umbraco-CMS
- WEB https://github.com/umbraco/Umbraco-CMS/releases/tag/release-15.0.0-rc1
- WEB https://www.nccgroup.com/us/research-blog/technical-advisory-cross-site-scripting-in-umbraco-rich-text-display
- WEB http://umbraco.com
Ready to move
Start Securing
Free, no credit card | First findings in minutes