Security Advisory

CVE-2025-32017

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-08 15:37:23

Last updated 2025-04-09 17:13:15

Assigner GitHub_M

State PUBLISHED

Description

Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1.

← Browse all CVEs View on cve.org ↗