CVE-2024-10761
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Nov 4, 2024
Updated: Nov 13, 2024
CWE ID 94
CWE ID 79
Summary
CVE-2024-10761 is a recently disclosed vulnerability affecting Umbraco CMS version 12.3.6. This issue, classified as problematic, affects an unknown function in the /Umbraco/preview/frame?id{} component of the Dashboard. An attacker can exploit this cross-site scripting (XSS) vulnerability by manipulating the argument "culture." The attack can be launched remotely, and the exploit has been made public. However, the actual existence of this vulnerability is still uncertain as the vendor is unable to reproduce the issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- CMs
- Umbraco CMS
Affected Vendors
- Umbraco HQ
- Pluck -