CVE-2024-29035

Umbraco is an ASP.NET CMS. Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical. This vulnerability is fixed in 13.1.1.
Configurations

No configuration.

History

21 Nov 2024, 09:07

Type Values Removed Values Added
Summary
  • (es) Umbraco es un CMS ASP.NET. Los registros de webhooks fallidos están disponibles cuando la solución no está en modo de depuración. Esos registros pueden contener información crítica. Esta vulnerabilidad se soluciona en 13.1.1.
References () https://github.com/umbraco/Umbraco-CMS/commit/6b8067815c02ae43161966a8075a3585e1bc4de0 - () https://github.com/umbraco/Umbraco-CMS/commit/6b8067815c02ae43161966a8075a3585e1bc4de0 -
References () https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-74p6-39f2-23v3 - () https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-74p6-39f2-23v3 -

17 Apr 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-17 15:15

Updated : 2024-11-21 09:07


NVD link : CVE-2024-29035

Mitre link : CVE-2024-29035

CVE.ORG link : CVE-2024-29035


JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)