CVE-2020-5811
N/A
N/A
Summary
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Umbraco CMS | <= 8.9.1 or current (unfixed) | affected |
Weaknesses
- Path Traversal
ADP Enrichment
CVE Program Container
Additional References
- https://www.tenable.com/security/research/tra-2020-59
- http://packetstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.html
References
- https://www.tenable.com/security/research/tra-2020-59
- http://packetstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.