CVE-2020-9471: Unrestricted Upload of File with Dangerous Type
(updated )
Umbraco Cloud allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality.
References
Detect and mitigate CVE-2020-9471 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →