Medium severity 5.5 · NVD Advisory · Published Oct 12, 2017 · Updated May 13, 2026
CVE-2017-15280
Description
XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF), related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| UmbracoCms.Web (NuGet) | < 7.7.3 | 7.7.3 |
Affected products (1)
Patches (1)
5dde2efe0d2b · U4-10506 Importing a specially crafted document type file can cause XXE attack
1 file changed · +4 −2
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs+4 −2 modified@@ -70,10 +70,11 @@ private void InitializeComponent() private void import_Click(object sender, EventArgs e) { var xd = new XmlDocument(); + xd.XmlResolver = null; xd.Load(tempFile.Value); var userId = base.getUser().Id; - + var element = XElement.Parse(xd.InnerXml); var importContentTypes = ApplicationContext.Current.Services.PackagingService.ImportContentTypes(element, userId); var contentType = importContentTypes.FirstOrDefault(); @@ -104,7 +105,8 @@ private void submit_Click(object sender, EventArgs e) documentTypeFile.PostedFile.SaveAs(fileName); var xd = new XmlDocument(); - xd.Load(fileName); + xd.XmlResolver = null; + xd.Load(fileName); dtName.Text = xd.DocumentElement.SelectSingleNode("//DocumentType/Info/Name").FirstChild.Value; dtAlias.Text = xd.DocumentElement.SelectSingleNode("//DocumentType/Info/Alias").FirstChild.Value;
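Review bot: in import_Click, `xd.XmlResolver = null` stops external entities from being fetched, but the file is still loaded with DTD processing enabled and its markup is then parsed a second time by `XElement.Parse(xd.InnerXml)`. If document type files never need a DOCTYPE, loading through an XmlReader whose settings use DtdProcessing.Prohibit and a null XmlResolver would reject such files outright, and building the XElement from that same reader would remove the second parse. The hunk also touches a whitespace-only line after `var userId`, which is better kept out of a security fix.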
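Review bot: submit_Click repeats the same two-line hardening as import_Click, so the next XmlDocument added to this dialog can easily miss it; one helper that returns an already hardened document would keep the setting in a single place. Separately, the context lines dereference `SelectSingleNode(...).FirstChild.Value` with no null check, so an uploaded file without `//DocumentType/Info/Name` or `//DocumentType/Info/Alias` throws instead of producing a validation message.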
References (5)
- issues.umbraco.org/issue/U4-10506 (nvd: Issue Tracking, Patch, Vendor Advisory; WEB)
- github.com/umbraco/Umbraco-CMS/commit/5dde2efe0d2b3a47d17439e03acabb7ea2befb64 (nvd: Patch, Third Party Advisory; WEB)
- github.com/advisories/GHSA-h2vq-7gf2-qw9v (ghsa: ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2017-15280 (ghsa: ADVISORY)
- github.com/umbraco/Umbraco-CMS/blob/release-7.7.3/src/Umbraco.Web/Umbraco.Web.csproj (ghsa: WEB)