CVE-2025-27601 Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality
Umbraco is a free and open source .NET content management system. An improper API access control issue has been identified Umbraco's API management package prior to versions 15.2.3 and 14.3.3, allowing low-privilege, authenticated users to create and update data type information that should be...