CVE-2020-5809
https://notcve.org/view.php?id=CVE-2020-5809
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user can inject arbitrary JavaScript code into iframes when editing content using the TinyMCE rich-text editor, as TinyMCE is configured to allow iframes by default in Umbraco CMS. Se presenta una vulnerabilidad de tipo XSS almacenado en Umbraco CMS versiones anteriores a 8.9.1 o actual. Un usuario autenticado puede inyectar código JavaScript arbitrario en iframes cuando edita contenido usando el editor de texto enriquecido TinyMCE, ya que TinyMCE está configurado para permitir iframes por defecto en Umbraco CMS. • https://www.tenable.com/security/research/tra-2020-59 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-5810
https://notcve.org/view.php?id=CVE-2020-5810
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload. Se presenta una vulnerabilidad de tipo XSS almacenado en Umbraco CMS versiones anteriores a 8.9.1 o actual. Un usuario autenticado autorizado para cargar multimedia puede cargar un archivo .svg malicioso que actúa como una carga útil de tipo XSS almacenado. • https://www.tenable.com/security/research/tra-2020-59 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-5811 – Umbraco CMS 8.9.1 - Directory Traversal
https://notcve.org/view.php?id=CVE-2020-5811
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package. Se presenta una vulnerabilidad de salto de ruta autenticada durante la instalación del paquete en Umbraco CMS versiones anteriores a 8.9.1 o actual, lo que podría resultar en la escritura de archivos arbitrarios fuera del inicio del sitio y las rutas esperadas cuando se instala un paquete Umbraco. Umbraco CMS versions 8.9.1 and below suffer from path traversal and arbitrary file write vulnerabilities. • https://www.exploit-db.com/exploits/50241 http://packetstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.html https://www.tenable.com/security/research/tra-2020-59 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-29454
https://notcve.org/view.php?id=CVE-2020-29454
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. El archivo Editors/LogViewerController.cs en Umbraco versiones hasta 8.9.1, permite a un usuario visitar un endpoint de logviewer inclusive si carece de acceso a Applications.Settings • https://github.com/umbraco/Umbraco-CMS/pull/9361 • CWE-863: Incorrect Authorization •
CVE-2020-9472
https://notcve.org/view.php?id=CVE-2020-9472
Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. Umbraco CMS versión 8.5.3, permite una carga de archivos autenticados (y, en consecuencia, una ejecución de código remota), por medio de la funcionalidad Install Package. • https://github.com/john-dooe/CVE-2020-9472 https://gitlab.com/eLeN3Re/cve-2020-9472 • CWE-434: Unrestricted Upload of File with Dangerous Type •