CVE-2023-49273

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-49273
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-49273.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-49273
Aliases
Published
2023-12-12T19:15:08Z
Modified
2024-10-12T11:11:46.049608Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, users with low privileges (Editor, etc.) are able to access some unintended endpoints. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.

References

Affected packages

Git / github.com/umbraco/umbraco-cms

Affected ranges

Type
GIT
Repo
https://github.com/umbraco/umbraco-cms
Events

Affected versions

release-7.*

release-7.13.2
release-7.14.0
release-7.15.0
release-7.15.1
release-7.15.2
release-7.15.3
release-7.15.4

release-8.*

release-8.0.0
release-8.0.01
release-8.0.1
release-8.1.0
release-8.1.1
release-8.1.2
release-8.1.3
release-8.1.4
release-8.1.5
release-8.10.0
release-8.10.0-rc
release-8.10.1
release-8.10.2
release-8.10.3
release-8.11.0
release-8.11.0-rc
release-8.11.1
release-8.11.2
release-8.11.3
release-8.12.0
release-8.12.0-rc
release-8.12.1
release-8.12.2
release-8.12.3
release-8.13.0
release-8.13.0-rc
release-8.13.1
release-8.14.0
release-8.14.0-rc
release-8.14.1
release-8.14.2
release-8.14.3
release-8.14.4
release-8.15.0
release-8.15.0-rc
release-8.15.1
release-8.15.2
release-8.15.3
release-8.16.0
release-8.16.0-rc
release-8.17.0
release-8.17.0-rc
release-8.17.0-rc2
release-8.17.1
release-8.17.2
release-8.18.0
release-8.18.0-rc
release-8.18.0-rc2
release-8.18.1
release-8.18.2
release-8.18.3
release-8.18.4
release-8.18.5
release-8.18.6
release-8.18.7
release-8.18.8
release-8.18.9
release-8.2.0
release-8.2.0-rc
release-8.2.1
release-8.2.2
release-8.3.0
release-8.4.0
release-8.4.0-rc
release-8.4.1
release-8.5.0
release-8.5.1
release-8.5.2
release-8.5.3
release-8.5.4
release-8.5.5
release-8.6.0
release-8.6.0-rc
release-8.6.1
release-8.6.2
release-8.6.3
release-8.6.4
release-8.6.5
release-8.6.6
release-8.6.7
release-8.6.8
release-8.7.0
release-8.7.0-rc
release-8.7.1
release-8.7.2
release-8.7.3
release-8.8
release-8.8.0
release-8.8.0-rc
release-8.8.1
release-8.8.2
release-8.8.3
release-8.8.4
release-8.9.0
release-8.9.0-rc
release-8.9.1
release-8.9.2
release-8.9.3

release/7.*

release/7.15.2

release/8.*

release/8.1.3