Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-74p6-39f2-23v3

GitHub Security Advisory

Blind SSRF Leads to Port Scan by using Webhooks

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact
Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical.

### Affected Versions
Umbraco versions 13.0.0 - 13.1.1

### Patches
13.1.1

### Workarounds
Disabling webhooks functionality.

Affected Packages

NuGet Umbraco.Cms.Core
Affected versions: 13.0.0 (fixed in 13.1.1)
NuGet Umbraco.Cms.Web.BackOffice
Affected versions: 13.0.0 (fixed in 13.1.1)

Related CVEs

CVE-2024-29035

Key Information

GHSA ID
GHSA-74p6-39f2-23v3
Published
April 17, 2024 6:20 PM
Last Modified
February 12, 2025 6:19 PM
CVSS Score
5.0 /10
Primary Ecosystem
NuGet
Primary Package
Umbraco.Cms.Core
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.