CVE-2024-10761

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 4, 2024
Updated: Nov 13, 2024
CWE ID 94
CWE ID 79

Summary

CVE-2024-10761 is a recently disclosed vulnerability affecting Umbraco CMS version 12.3.6. This issue, classified as problematic, affects an unknown function in the /Umbraco/preview/frame?id{} component of the Dashboard. An attacker can exploit this cross-site scripting (XSS) vulnerability by manipulating the argument "culture." The attack can be launched remotely, and the exploit has been made public. However, the actual existence of this vulnerability is still uncertain as the vendor is unable to reproduce the issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • CMs
  • Umbraco CMS

Affected Vendors

  • Umbraco HQ
  • Pluck -