CVE-2025-68924

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.

UmbracoForms
UmbracoForms
Umbraco Forms is an extension for Umbraco CMS allowing editors to create and manage forms and review submissions. The packages available from this feed can be used with Umbraco CMS versions up to version 8. For Umbraco CMS version 9, please use the feed available at https://www.nuget.org/packages/Umbraco.Forms/
NuGet GalleryNuGet Gallery