Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
Stored Cross-site scripting (XSS) enable attackers that have access to backoffice to bring malicious content into a website or application.
Stored Cross-site scripting (XSS) enable attackers that have access to backoffice to bring malicious content into a website or application.
Umbraco have an endpoint that is vulnerable to open redirects. The endpoint is protected so it requires the user to be signed into backoffice, before the vulnerability is exposed.
Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality.
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user can inject arbitrary JavaScript code into iframes when editing content using the TinyMCE rich-text editor, as TinyMCE is configured to allow iframes by default in Umbraco CMS.
Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.
XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.
Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" (aka nodename) parameter during the creation of a new page, related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and Umbraco.Web/umbraco.presentation/umbraco/dialogs/notifications.aspx.cs.