CVE-2020-29454
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-29454
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-29454.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-29454
- Aliases
- Published
- 2020-12-02T02:15:11Z
- Modified
- 2024-06-06T13:17:21.781710Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
- References
Affected packages
Git / github.com/umbraco/umbraco-cms
Affected versions
release-7.*
release-7.13.2
release-7.14.0
release-7.15.0
release-7.15.1
release-7.15.2
release-7.15.3
release-7.15.4
release-8.*
release-8.0.0
release-8.0.01
release-8.0.1
release-8.1.0
release-8.1.1
release-8.1.2
release-8.1.3
release-8.1.4
release-8.1.5
release-8.2.0
release-8.2.0-rc
release-8.2.1
release-8.2.2
release-8.3.0
release-8.4.0
release-8.4.0-rc
release-8.4.1
release-8.5.0
release-8.5.1
release-8.5.2
release-8.5.3
release-8.5.4
release-8.5.5
release-8.6.0
release-8.6.0-rc
release-8.6.1
release-8.6.2
release-8.6.3
release-8.6.4
release-8.6.5
release-8.6.6
release-8.7.0
release-8.7.0-rc
release-8.7.1
release-8.8
release-8.8.0
release-8.8.0-rc
release-8.8.1
release-8.8.2
release-8.9.0
release-8.9.0-rc
release-8.9.1
release/7.*
release/7.15.2
release/8.*
release/8.1.3