Umbraco contains a DOM-XSS
CVE-2023-48313
4.3MEDIUM
What is CVE-2023-48313?
Umbraco is an ASP.NET content management system (CMS). Starting in 10.0.0 and prior to versions 10.8.1 and 12.3.4, Umbraco contains a cross-site scripting (XSS) vulnerability enabling attackers to bring malicious content into a website or application. Versions 10.8.1 and 12.3.4 contain a patch for this issue.
Affected Version(s)
Umbraco-CMS >= 10.0.0, < 10.8.1 < 10.0.0, 10.8.1
Umbraco-CMS >= 11.0.0-rc1, < 12.3.4 < 11.0.0-rc1, 12.3.4