Moderate severity · NVD Advisory · Published Mar 11, 2025 · Updated Mar 11, 2025

Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality

CVE-2025-27601

Description

Umbraco is a free and open source .NET content management system. An improper API access control issue has been identified in Umbraco's API management package prior to versions 15.2.3 and 14.3.3. It allows low-privilege, authenticated users to create and update data type information that should be restricted to users with access to the settings section. The issue is patched in versions 15.2.3 and 14.3.3. No known workarounds are available.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
Umbraco.Cms.Api.Management (NuGet) | >= 15.0.0-rc1, < 15.2.3 | 15.2.3
Umbraco.Cms.Api.Management (NuGet) | < 14.3.3 | 14.3.3

Affected products

1

Patches

2
ebb6a580dc1d

Merge commit from fork

https://github.com/umbraco/Umbraco-CMS · Andy Butland · Mar 11, 2025 · via ghsa
12 files changed · +37 10
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/CopyDataTypeController.cs+3 0 modified
    @@ -1,4 +1,5 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DataType;
    @@ -7,10 +8,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class CopyDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
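Review bot: The policy is attached to each write controller one by one (here and in CreateDataTypeController, DeleteDataTypeController, MoveDataTypeController and UpdateDataTypeController, and again in the matching files of commit d9fb6df16e9a), so the restriction is opt-in: a data-type write endpoint added later would fall back to whatever DataTypeControllerBase permits, which is not visible here but is presumably the broader policy that let low-privilege users through. `[Authorize]` attributes on a base class and a derived class are cumulative, so the added line does tighten access as intended. A comment above the attribute would record the reason for the next maintainer, for example `// Writes need data-type tree access; the policy inherited from DataTypeControllerBase alone is broader.` The class body continues outside the hunk.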
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/CreateDataTypeController.cs+4 1 modified
    @@ -1,4 +1,5 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
    @@ -8,10 +9,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class CreateDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/DeleteDataTypeController.cs+4 1 modified
    @@ -1,15 +1,18 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class DeleteDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/MoveDataTypeController.cs+3 0 modified
    @@ -1,4 +1,5 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DataType;
    @@ -7,10 +8,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class MoveDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/UpdateDataTypeController.cs+4 1 modified
    @@ -1,4 +1,5 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
    @@ -8,10 +9,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class UpdateDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ExportDocumentTypeController.cs+3 0 modified
    @@ -1,14 +1,17 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ExportDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IContentTypeService _contentTypeService;
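Review bot: Nothing in this commit's file list exercises the new attribute: all twelve changed files are controllers, so the restriction on document-type export and import (this file, ImportExistingDocumentTypeController, ImportNewDocumentTypeController) and on the MediaType export and import controllers further down is not pinned by a test. An integration test that calls each of these endpoints as an authenticated user without settings-section access and expects a 403 response would keep the fix from regressing silently. It is also worth confirming that the document-type and media-type write controllers this diff does not touch already carry `AuthorizationPolicies.TreeAccessDocumentTypes` / `AuthorizationPolicies.TreeAccessMediaTypes`; that cannot be checked from the visible hunks. The class body continues outside the hunk.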
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ImportExistingDocumentTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ImportExistingDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ImportNewDocumentTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ImportNewDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ExportMediaTypeController.cs+3 0 modified
    @@ -1,14 +1,17 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ExportMediaTypeController : MediaTypeControllerBase
     {
         private readonly IMediaTypeService _mediaTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ImportExistingMediaTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ImportExistingMediaTypeController : MediaTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ImportNewMediaTypeController.cs+3 2 modified
    @@ -1,18 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
    -using Umbraco.Cms.Api.Management.Controllers.DocumentType;
     using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ImportNewMediaTypeController : MediaTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
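Review bot: The `using` removals in this file (`Umbraco.Cms.Api.Management.Controllers.DocumentType` and `Umbraco.Cms.Core.Models.Membership`) are unrelated cleanup riding along with an access-control fix. The same applies to the `Membership` removals in the other Import controllers and to the first-line `using` changes in CreateDataTypeController, DeleteDataTypeController, UpdateDataTypeController and MediaTypeControllerBase, where the old and new lines read identically (possibly a byte-order-mark or whitespace difference). Keeping a security patch to the lines that change behaviour makes it easier to audit and to backport; the only functional line in this file is `[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]`. The class body continues outside the hunk.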
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs+1 2 modified
    @@ -1,9 +1,8 @@
    -using Microsoft.AspNetCore.Authorization;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Controllers.DocumentType;
     using Umbraco.Cms.Api.Management.Routing;
    -using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Services.OperationStatus;
     using Umbraco.Cms.Web.Common.Authorization;
    
d9fb6df16e9a

Merge commit from fork

https://github.com/umbraco/Umbraco-CMS · Andy Butland · Mar 11, 2025 · via ghsa
13 files changed · +38 11
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/CopyDataTypeController.cs+3 0 modified
    @@ -1,4 +1,5 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DataType;
    @@ -7,10 +8,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class CopyDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/CreateDataTypeController.cs+4 1 modified
    @@ -1,4 +1,5 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
    @@ -8,10 +9,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class CreateDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/DeleteDataTypeController.cs+4 1 modified
    @@ -1,15 +1,18 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class DeleteDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/MoveDataTypeController.cs+3 0 modified
    @@ -1,4 +1,5 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DataType;
    @@ -7,10 +8,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class MoveDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DataType/UpdateDataTypeController.cs+4 1 modified
    @@ -1,4 +1,5 @@
    -using Asp.Versioning;
    +using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
    @@ -8,10 +9,12 @@
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DataType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDataTypes)]
     public class UpdateDataTypeController : DataTypeControllerBase
     {
         private readonly IDataTypeService _dataTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ExportDocumentTypeController.cs+3 0 modified
    @@ -1,14 +1,17 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ExportDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IContentTypeService _contentTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ImportExistingDocumentTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ImportExistingDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/DocumentType/ImportNewDocumentTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessDocumentTypes)]
     public class ImportNewDocumentTypeController : DocumentTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ExportMediaTypeController.cs+3 0 modified
    @@ -1,14 +1,17 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Factories;
     using Umbraco.Cms.Core.Models;
     using Umbraco.Cms.Core.Services;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ExportMediaTypeController : MediaTypeControllerBase
     {
         private readonly IMediaTypeService _mediaTypeService;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ImportExistingMediaTypeController.cs+3 1 modified
    @@ -1,17 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ImportExistingMediaTypeController : MediaTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/ImportNewMediaTypeController.cs+3 2 modified
    @@ -1,18 +1,19 @@
     using Asp.Versioning;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
    -using Umbraco.Cms.Api.Management.Controllers.DocumentType;
     using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Models;
    -using Umbraco.Cms.Core.Models.Membership;
     using Umbraco.Cms.Core.Security;
     using Umbraco.Cms.Core.Services.ImportExport;
     using Umbraco.Cms.Core.Services.OperationStatus;
    +using Umbraco.Cms.Web.Common.Authorization;
     
     namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
     
     [ApiVersion("1.0")]
    +[Authorize(Policy = AuthorizationPolicies.TreeAccessMediaTypes)]
     public class ImportNewMediaTypeController : MediaTypeControllerBase
     {
         private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
    
  • src/Umbraco.Cms.Api.Management/Controllers/MediaType/MediaTypeControllerBase.cs+1 2 modified
    @@ -1,9 +1,8 @@
    -using Microsoft.AspNetCore.Authorization;
    +using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
     using Umbraco.Cms.Api.Management.Controllers.DocumentType;
     using Umbraco.Cms.Api.Management.Routing;
    -using Umbraco.Cms.Api.Management.ViewModels.MediaType;
     using Umbraco.Cms.Core;
     using Umbraco.Cms.Core.Services.OperationStatus;
     using Umbraco.Cms.Web.Common.Authorization;
    
  • version.json+1 1 modified
    @@ -1,6 +1,6 @@
     {
       "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/main/src/NerdBank.GitVersioning/version.schema.json",
    -  "version": "14.3.2",
    +  "version": "14.3.3",
       "assemblyVersion": {
         "precision": "build"
       },
    


References

5
