← back
CVE-2018-17256

CVE-2018-17256

EPSS 0.7%
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.
Affected products
CyberSecurity Philippines - CERT · UmbracoCMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cspcert.ph/advisories/2018/CVE-2018-17256.html