CVE-2020-5810
https://notcve.org/view.php?id=CVE-2020-5810
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload. Se presenta una vulnerabilidad de tipo XSS almacenado en Umbraco CMS versiones anteriores a 8.9.1 o actual. Un usuario autenticado autorizado para cargar multimedia puede cargar un archivo .svg malicioso que actúa como una carga útil de tipo XSS almacenado. • https://www.tenable.com/security/research/tra-2020-59 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-5811 – Umbraco CMS 8.9.1 - Directory Traversal
https://notcve.org/view.php?id=CVE-2020-5811
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package. Se presenta una vulnerabilidad de salto de ruta autenticada durante la instalación del paquete en Umbraco CMS versiones anteriores a 8.9.1 o actual, lo que podría resultar en la escritura de archivos arbitrarios fuera del inicio del sitio y las rutas esperadas cuando se instala un paquete Umbraco. Umbraco CMS versions 8.9.1 and below suffer from path traversal and arbitrary file write vulnerabilities. • https://www.exploit-db.com/exploits/50241 http://packetstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.html https://www.tenable.com/security/research/tra-2020-59 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-29454
https://notcve.org/view.php?id=CVE-2020-29454
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. El archivo Editors/LogViewerController.cs en Umbraco versiones hasta 8.9.1, permite a un usuario visitar un endpoint de logviewer inclusive si carece de acceso a Applications.Settings • https://github.com/umbraco/Umbraco-CMS/pull/9361 • CWE-863: Incorrect Authorization •
CVE-2020-7685 – Insecure Defaults
https://notcve.org/view.php?id=CVE-2020-7685
This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies. Esto afecta a todas las versiones del paquete UmbracoForms. • https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2020-9472
https://notcve.org/view.php?id=CVE-2020-9472
Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. Umbraco CMS versión 8.5.3, permite una carga de archivos autenticados (y, en consecuencia, una ejecución de código remota), por medio de la funcionalidad Install Package. • https://github.com/john-dooe/CVE-2020-9472 https://gitlab.com/eLeN3Re/cve-2020-9472 • CWE-434: Unrestricted Upload of File with Dangerous Type •