Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users
Vulnerability Description
Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
相对路径遍历
Vulnerability Title
Umbraco 安全漏洞
Vulnerability Description
Umbraco是丹麦Umbraco公司的一套C#编写的开源的内容管理系统(CMS)。 Umbraco 14+版本存在安全漏洞,该漏洞源于路径遍历,允许将文件上传到错误位置。
CVSS Information
N/A
Vulnerability Type
N/A