3 matches found
Improper Access Control
Overview Affected versions of this package are vulnerable to Improper Access Control due to missing authorization requirements. An authenticated attacker can access unintended endpoints by exploiting the vulnerability. Remediation Upgrade Umbraco.Cms.Api.Management to version 14.1.2 or higher...
Generation of Error Message Containing Sensitive Information
Overview Umbraco.Cms.Web.Common is a package containing the web assembly needed to run Umbraco CMS. Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information. An attacker can obtain stack trace information that may include sensitive data by...
Generation of Error Message Containing Sensitive Information
Overview Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information. An attacker can obtain stack trace information that may include sensitive data by sending crafted requests to the Management API endpoints. Remediation Upgrade...