4 matches found
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions. Impact An unauthorized user gaining admin-level access and permissions to the backoffice. Patches 10.6.1, 11.4.2, 12.0.1 Workarounds Enabling the Unattended Install feature will mean the...
GHSA-H8WC-R4JH-MG7M Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions. Impact An unauthorized user gaining admin-level access and permissions to the backoffice. Patches 10.6.1, 11.4.2, 12.0.1 Workarounds Enabling the Unattended Install feature will mean the...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass. Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions. Workaround 1 Enabling the Unattended Install feature will mean the vulnerability is not exploitable. 2...
PT-2023-25870 · Umbraco · Umbraco
Name of the Vulnerable Software and Affected Versions: Umbraco versions prior to 10.6.1 Umbraco versions prior to 11.4.2 Umbraco versions prior to 12.0.1 Description: Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions, potentially leading to...