GHSA-gqqf-8cx6-9r7h

Source

https://github.com/advisories/GHSA-gqqf-8cx6-9r7h

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gqqf-8cx6-9r7h/GHSA-gqqf-8cx6-9r7h.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-gqqf-8cx6-9r7h

Aliases

CVE-2020-7210

Published

2022-05-24T17:07:13Z

Modified

2024-02-22T05:36:42.950668Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator

Summary

Umbraco CMS vulnerable to CSRF

Details

Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.

Database specific

{
    "nvd_published_at": "2020-01-23T13:15:00Z",
    "cwe_ids": [
        "CWE-352"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-13T17:15:15Z"
}

References

Affected packages

NuGet / UmbracoCMS.Core

Package

Name: UmbracoCMS.Core; View open source insights on deps.dev
Purl: pkg:nuget/UmbracoCMS.Core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.0

Affected versions

4.*

4.7.2

4.8.0-beta

4.8.0

4.8.1

4.9.0

4.9.1

4.10.0-beta

4.10.0-rc

4.10.0

4.10.1

4.11.0

4.11.1

4.11.2

4.11.2.1

4.11.2.2

4.11.2.3

4.11.3

4.11.3.1

4.11.4

4.11.5

4.11.6

4.11.7

4.11.8

4.11.9

4.11.10

6.*

6.0.0-beta

6.0.0-RC

6.0.0

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.7.1

6.1.0-beta

6.1.0-beta-2

6.1.0

6.1.1

6.1.2

6.1.2.1

6.1.2.2

6.1.3

6.1.4

6.1.5

6.1.6

6.2.0-RC

6.2.0

6.2.0.1-RC

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

7.*

7.0.0-alpha

7.0.0-beta

7.0.0-RC

7.0.0

7.0.1

7.0.2

7.0.3

7.0.4

7.1.0-RC

7.1.0

7.1.1

7.1.2

7.1.3

7.1.4

7.1.5

7.1.6

7.1.7

7.1.8

7.1.9

7.1.10

7.2.0-beta

7.2.0-beta2

7.2.0-RC

7.2.0

7.2.1

7.2.2

7.2.3

7.2.4

7.2.5-RC

7.2.5

7.2.6

7.2.7

7.2.8

7.2.9

7.3.0-beta

7.3.0-beta2

7.3.0-beta3

7.3.0-RC

7.3.0

7.3.1

7.3.2

7.3.3

7.3.4

7.3.5

7.3.6

7.3.7

7.3.8

7.3.9

7.4.0-beta

7.4.0-beta2

7.4.0-RC1

7.4.0

7.4.1

7.4.2

7.4.3

7.4.4

7.5.0-beta

7.5.0-beta2

7.5.0

7.5.1

7.5.2

7.5.3

7.5.4

7.5.5

7.5.6

7.5.7

7.5.8

7.5.9

7.5.10

7.5.11

7.5.12

7.5.13

7.5.14

7.5.15

7.6.0-beta

7.6.0-RC

7.6.0

7.6.1

7.6.2

7.6.3

7.6.4

7.6.5

7.6.6

7.6.7

7.6.8

7.6.9

7.6.10

7.6.11

7.6.12

7.6.13

7.6.14

7.7.0-beta

7.7.0

7.7.1

7.7.2

7.7.3

7.7.4

7.7.5

7.7.6

7.7.7

7.7.8

7.7.9

7.7.10

7.7.11

7.7.12

7.7.13

7.7.14

7.8.0-beta

7.8.0

7.8.1

7.8.2

7.8.3

7.8.4

7.9.0

7.9.1

7.9.2

7.9.3

7.9.4

7.9.5

7.9.6

7.9.7

7.10.0

7.10.1

7.10.2

7.10.3

7.10.4

7.10.5

7.10.6

7.11.0

7.11.1

7.11.2

7.11.3

7.12.0

7.12.1

7.12.2

7.12.3

7.12.4

7.12.5

7.13.0

7.13.1

7.13.2

7.13.3

7.14.0

7.14.1

7.15.0

7.15.1

7.15.2

7.15.3

7.15.4

7.15.5

7.15.6

7.15.7

7.15.8

7.15.9

7.15.10

7.15.11

8.*

8.0.0

8.0.1

8.0.2

8.0.3

8.1.0

8.1.1

8.1.2

8.1.3

8.1.4

8.1.5

8.1.6

8.2.0-rc

8.2.0

8.2.1

8.2.2

8.2.3

8.3.0

8.3.1

8.4.0-rc

8.4.0

8.4.1

8.4.2