Persistent Cross-Site Scripting (XSS) Vulnerability in Umbraco CMS 7.12.3 via Header Name Injection
CVE-2018-17256 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Persistent cross-site scripting (XSS) vulnerability in Umbraco CMS 7.12.3 allows authenticated users to inject arbitrary web script via the Header Name of a content (Blog, Content Page, etc.). The vulnerability is exploited when updating or removing public access of a content.
Learn more about our Web App Pen Testing.