Umbraco: Cross-Site Scripting Vulnerability in Dashboard Component - Proactive Insights and Support For Open-Source Applications

In Umbraco CMS version 12.3.6 a medium severity vulnerability CVE-2024-10761 was detected. This issue allows attackers to exploit cross-site scripting (XSS) through the `culture` argument in the `/Umbraco/preview/frame?id{}` file of the Dashboard component. The exploit is publicly available and can be used remotely. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-10761.