HomeUmbracoCVE-2023-48313

CVE-2023-48313

MEDIUM
4.3CVSS
Published: 2023-12-12
Updated: 2024-11-21
AI Analysis

Description

Umbraco is an ASP.NET content management system (CMS). Starting in 10.0.0 and prior to versions 10.8.1 and 12.3.4, Umbraco contains a cross-site scripting (XSS) vulnerability enabling attackers to bring malicious content into a website or application. Versions 10.8.1 and 12.3.4 contain a patch for this issue.

CVSS Metrics

Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector
network
Complexity
low
Privileges
none
User Action
required
Scope
unchanged
Confidentiality
none
Integrity
low
Availability
none
Weaknesses
CWE-79

Metadata

Primary Vendor
UMBRACO
Published
12/12/2023
Last Modified
11/21/2024
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

umbraco : umbraco_cmsumbraco : umbraco_cms

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2023-48313 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com