Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Umbraco CMS SMTP misconfiguration exposes potential registered user email
Vulnerability Description
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Umbraco 信息泄露漏洞
Vulnerability Description
Umbraco是丹麦Umbraco公司的一套C#编写的开源的内容管理系统(CMS)。 Umbraco 存在信息泄露漏洞,该漏洞源于当 SMTP 设置不正确但启用了重置密码时,可能会发生用户枚举攻击。
CVSS Information
N/A
Vulnerability Type
N/A