← back
CVE-2015-8814

CVE-2015-8814

EPSS 0.6%
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://issues.umbraco.org/issue/U4-7459https://github.com/umbraco/Umbraco-CMS/commit/18c3345e47663a358a042652e697b988d6a380ebhttp://www.openwall.com/lists/oss-security/2016/02/16/10