Описание
Umbraco CMS vulnerable to CSRF
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.
Пакеты
Наименование
Umbraco.CMS
nuget
Затронутые версииВерсия исправления
< 7.4.0
7.4.0
Связанные уязвимости
CVSS3: 8.8
nvd
почти 9 лет назад
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.