Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Umbraco's Blind SSRF Leads to Port Scan by using Webhooks
Vulnerability Description
Umbraco is an ASP.NET CMS. Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical. This vulnerability is fixed in 13.1.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Umbraco 安全漏洞
Vulnerability Description
Umbraco是丹麦Umbraco公司的一套C#编写的开源的内容管理系统(CMS)。 Umbraco 13.0.0及之前版本存在安全漏洞,该漏洞源于允许攻击者查看处于调试模式下的webhook日志,从而导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A