High severity8.8NVD Advisory· Published Mar 3, 2017· Updated Jun 17, 2026
CVE-2015-8814
CVE-2015-8814
Description
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Umbraco.CMSNuGet | < 7.4.0 | 7.4.0 |
Affected products
2- cpe:2.3:a:umbraco:umbraco:7.3.8:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- github.com/umbraco/Umbraco-CMS/commit/18c3345e47663a358a042652e697b988d6a380ebnvdPatchWEB
- github.com/advisories/GHSA-5f6p-4hxq-rjxmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-8814ghsaADVISORY
- issues.umbraco.org/issue/U4-7459nvdIssue Tracking
- www.openwall.com/lists/oss-security/2016/02/16/10nvdMailing ListWEB
- web.archive.org/web/20230608152113/https://issues.umbraco.org/issue/U4-7459ghsaWEB
News mentions
0No linked articles in our index yet.