XML external entity (XXE) vulnerability in Umbraco CMS prior to 7.7.3 allows malicious users to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
umbraco umbraco cms |