CVE-2024-10761
Description
A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frameid{} of the component Dashboard. The manipulation of the argument culture leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor is not able to reproduce the issue.
Risk Information
Base Score
5.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.272
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common 13.5.3 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common 14.3.2 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common 15.1.2 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common 10.8.8 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.CMS 10.8.8 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.CMS 13.5.3 | Windows |
| Vulnerabilities CVE-2024-10761,CVE-2025-24011 are fixed in Nuget - Umbraco.CMS 14.3.2 | Windows |
| Vulnerabilities CVE-2024-10761,CVE-2025-24011 are fixed in Nuget - Umbraco.CMS 15.1.2 | Windows |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common for Linux 13.5.3 | Linux |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common for Linux 14.3.2 | Linux |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common for Linux 15.1.2 | Linux |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.Cms.Web.Common for Linux 10.8.8 | Linux |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.CMS for Linux 10.8.8 | Linux |
| Vulnerabilities CVE-2024-10761 are fixed in Nuget - Umbraco.CMS for Linux 13.5.3 | Linux |
| Vulnerabilities CVE-2024-10761,CVE-2025-24011 are fixed in Nuget - Umbraco.CMS for Linux 14.3.2 | Linux |
| Vulnerabilities CVE-2024-10761,CVE-2025-24011 are fixed in Nuget - Umbraco.CMS for Linux 15.1.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234