CVE-2020-5810

Summary

A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload.

Affected Software

VendorProductVersion RangeStatus
n/aUmbraco CMS<= 8.9.1 or current (unfixed)affected

Weaknesses

  • Stored Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References