CNNVD-202512-1127 Information

CNNVD ID

CNNVD-202512-1127

Related CVE

CVE-2025-66625

• CNNVD Published: 2025-12-09

Description (Chinese)

Umbraco CMS是丹麦Umbraco公司的一个内容管理系统。 Umbraco CMS 10.0.0版本至13.12.0版本存在安全漏洞，该漏洞源于临时文件处理不当，可能导致文件枚举攻击。

Description (English)

Umbraco CMS is a content management system for the Danish company Umbraco. There is a security loophole between the Umbraco CMS Version 10.0.0 and the 13.12.0, which stems from the mishandling of temporary documents, which could lead to an itemized attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Umbraco

Published

2025-12-09

Last Modified

2026-02-24

References

https://github.com/umbraco/Umbraco-CMS/commit/7505efd433189037f46547932d4a8b603fd4a615 https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-hfv2-pf68-m33x https://access.redhat.com/security/cve/cve-2025-66625

Patch

https://umbraco.com/