CVE-2018-17256

Summary

Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.

Affected Software

VendorProductVersion RangeStatus
CyberSecurity Philippines - CERTUmbracoCMS7.12.3affected

Weaknesses

  • Persistent cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References