Unrated severityNVD Advisory· Published Dec 27, 2014· Updated Jun 16, 2026
CVE-2013-4793
CVE-2013-4793
Description
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to execute arbitrary ASP.NET code via a crafted SOAP request.
Affected products
2cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*range: <=6.0.3
- (no CPE)range: <6.0.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.