Vulnerability Description
Umbraco is an ASP.NET content management system (CMS). Starting in version 7.0.0 and prior to versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0, a user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media directly in a browser, the scripts can be executed. Versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0 contain a patch for this issue. Some workarounds are available. Implement the server side file validation or serve all media from an different host (e.g cdn) than where Umbraco is hosted.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Umbraco | Umbraco Cms | >= 7.0.0, < 7.15.11 |
Related Weaknesses (CWE)
References
- https://docs.umbraco.com/umbraco-cms/reference/security/serverside-file-validatiProduct
- https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-6xmx-85x3-4cv2Vendor Advisory
- https://docs.umbraco.com/umbraco-cms/reference/security/serverside-file-validatiProduct
- https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-6xmx-85x3-4cv2Vendor Advisory
FAQ
What is CVE-2023-49279?
CVE-2023-49279 is a vulnerability with a CVSS score of 3.7 (LOW). Umbraco is an ASP.NET content management system (CMS). Starting in version 7.0.0 and prior to versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0, a user with access to the backoffice can upload SVG ...
How severe is CVE-2023-49279?
CVE-2023-49279 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-49279?
Check the references section above for vendor advisories and patch information. Affected products include: Umbraco Umbraco Cms.