Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-4gp9-ff99-j6vj

GitHub Security Advisory

Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API

✓ GitHub Reviewed LOW Has CVE
View on GitHub

Advisory Details

### Impact
An improper access control issue has been identified, allowing low-privilege users to access the webhook API and retrieve information that should be restricted to users with access to the settings section

Affected Packages

NuGet Umbraco.CMS
Affected versions: 14.0.0 (fixed in 14.3.0)

Related CVEs

CVE-2024-48925

Key Information

GHSA ID
GHSA-4gp9-ff99-j6vj
Published
October 22, 2024 5:51 PM
Last Modified
October 22, 2024 7:22 PM
CVSS Score
2.5 /10
Primary Ecosystem
NuGet
Primary Package
Umbraco.CMS
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 13, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.