CVE-2020-5811: Path Traversal
First published: Wed Dec 30 2020(Updated: )
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Umbraco CMS | <=8.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Umbraco CMS vulnerability?
The vulnerability ID for this Umbraco CMS vulnerability is CVE-2020-5811.
What is the severity of CVE-2020-5811?
CVE-2020-5811 has a severity rating of 6.5 (Medium).
What is the description of CVE-2020-5811?
CVE-2020-5811 is an authenticated path traversal vulnerability that exists during package installation in Umbraco CMS <= 8.9.1 or current, allowing arbitrary files to be written outside of the site home and expected paths.
Which software is affected by CVE-2020-5811?
CVE-2020-5811 affects Umbraco CMS version <= 8.9.1 or current.
How can I fix CVE-2020-5811 in Umbraco CMS?
To fix CVE-2020-5811 in Umbraco CMS, update to a version that is newer than 8.9.1.
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/tags
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/umbraco
- canonical/umbraco cms
- version/umbraco cms/8.9.1