Umbraco 输入验证错误漏洞

Umbraco is an open-source content management system CMS written in C by the Danish company Umbraco. Versions of Umbraco before 13.14.0 and 17.4.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from some Surface controllers failing to validate the redirect...

PT-2026-42585

Impact Some of the Surface Controllers in the CMS provide to support member related operations fail to validate redirect URLs, making Razor templates that derive 'RedirectUrl' from user-controlled query parameters vulnerable to malicious redirect attacks. Patches The issue is resolved in versions...