3 matches found
CVE-2025-32017
Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 an...
CVE-2025-32017
creationtimestamp| type| source ---|---|--- 2025-04-08 15:47:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10929 2025-04-08 19:22:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756z7yg2i...
CVE-2025-32017 Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users
Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 an...