Umbraco Security Vulnerabilities and Issues — Umbraco CVE List

Lucene search

UmbracoUmbraco

2 matches found

CVE•added 2017/03/03 4:59 p.m.•113 views

CVE-2015-8813

The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.

8.2CVSS8.2AI score0.83574EPSS

CVE•added 2017/03/03 4:59 p.m.•45 views

CVE-2015-8814

Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.

8.8CVSS8.7AI score0.00106EPSS