CVE-2019-25137 Information

Description

Umbraco CMS 7.12.4 allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.

Reference

https://www.exploit-db.com/exploits/46153 https://github.com/noraj/Umbraco-RCE https://0xdf.gitlab.io/2020/09/05/htb-remote.html