CVE-2024-55488

Name of the Vulnerable Software and Affected Versions Umbraco CMS version 14.3.1

Description A stored cross-site scripting (XSS) vulnerability in Umbraco CMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This issue is only possible via authenticated users who have been manually allowed access to the CMS, as there was a deliberate decision made not to apply HTML sanitization at the product level.

Recommendations For Umbraco CMS version 14.3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.