CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Umbraco: >> Umbraco Cms >> 7.0.4 Security Vulnerabilities

CVE-2017-15280

XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.

CVSS Score

5.5

EPSS Score

0.002

Published

2017-10-12

Page 2

Vulnerabilities

Vulnerable Software

Umbraco: >> Umbraco Cms >> 7.0.4 Security Vulnerabilities

Products

Pricing

Contact Us