CVE-2020-9472: Unrestricted Upload of File with Dangerous Type
(updated )
Umbraco CMS allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality.
References
Detect and mitigate CVE-2020-9472 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →