In Umbraco version 14.3.1 a medium severity vulnerability CVE-2024-55488 was detected. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload, resulting in stored cross-site scripting (XSS). Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-55488.
Umbraco: Stored XSS Vulnerability
by the Hossted team
27.01.2025
27.01.2025