VYPR
Critical severity · NVD Advisory · Published Jan 16, 2026 · Updated Jan 16, 2026

CVE-2025-68924


Description

In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authenticated attackers can achieve remote code execution in UmbracoForms up to 8.13.16 by supplying a malicious WSDL URL as a data source.

CVE-2025-68924 affects UmbracoForms versions up to 8.13.16. The vulnerability arises from the ability to configure a Webservice data source with a WSDL URL. An authenticated attacker can supply a malicious WSDL URL that, when processed, leads to remote code execution [3][4].

To exploit this, the attacker must be authenticated and able to manage data sources within Umbraco Forms. By setting a malicious WSDL URL as the Webservice data source, the attacker triggers code execution on the server [4].

Successful exploitation allows remote code execution. Because the affected versions are end-of-life and no patches have been released, mitigation involves upgrading to a supported version (v13, v16, v17) or applying a workaround to exclude the Webservice data source type from the Backoffice [4].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
UmbracoForms (NuGet) | <= 8.13.16 |


Patches

No patches discovered yet.
