cvedb.io
CVE-2024-48925
NONE · CVSS 0
EPSS exploitation probability: 0%
Published 2024-10-22T16:15:07.853 · Last modified 2026-06-17T07:59:03.870

Summary

Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to access the webhook API and retrieve information that should be restricted to users with access to the settings section. Version 14.3.0 contains a patch.

Affected products

umbraco — umbraco_cms

Does this affect you?

Add your gear to cvedb and we'll alert you only when umbraco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.