Security Advisory

CVE-2024-32872

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-24 14:46:28

Last updated 2024-08-02 02:20:35

Assigner GitHub_M

State PUBLISHED

Description

Umbraco workflow provides workflows for the Umbraco content management system. Prior to versions 10.3.9, 12.2.6, and 13.0.6, an Umbraco Backoffice user can modify requests to a particular API endpoint to include SQL, which will be executed by the server. Umbraco Workflow versions 10.3.9, 12.2.6, 13.0.6, as well as Umbraco Plumber version 10.1.2, contain a patch for this issue.

← Browse all CVEs View on cve.org ↗