Umbraco is an open source content management system (CMS) written in C# by Umbraco Denmark. Umbraco CMS is vulnerable to a password reset vulnerability that stems from the lack of an effective trust management mechanism in the web system or product. An attacker could exploit the vulnerability to change the URL a user receives when resetting their password to intercept the reset token and thus take over the account.
CPE | Name | Operator | Version |
---|---|---|---|
umbraco umbraco | lt | 9.2.0 |