4.3
CVSSv3

CVE-2023-48227

Published: 12/12/2023 Updated: 15/12/2023
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.3.0, Backoffice users with send for approval permission but not publish permission are able to publish in some scenarios. Versions 8.18.10, 10.7.0, and 12.3.0 contains a patch for this issue. No known workarounds are available.

Vulnerable Product Search on Vulmon Subscribe to Product

umbraco umbraco cms