Vulnerabilities > Umbraco > Umbraco CMS > 8.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-30 | CVE-2020-5810 | Cross-site Scripting vulnerability in Umbraco CMS A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. | 3.5 |
| 2020-12-30 | CVE-2020-5809 | Cross-site Scripting vulnerability in Umbraco CMS A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. | 3.5 |
| 2020-12-02 | CVE-2020-29454 | Incorrect Permission Assignment for Critical Resource vulnerability in Umbraco CMS Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. | 4.0 |