CVE-2019-25137

CVSS V2 None CVSS V3 None

Description

Umbraco CMS 7.12.4 allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.

Overview

CVE ID
CVE-2019-25137

Assigner
cve@mitre.org

Vulnerability Status
Received

Published Version
2023-05-18T07:15:08

Last Modified Date
2023-05-18T07:15:08

References

Reference URL	Reference Tags
https://0xdf.gitlab.io/2020/09/05/htb-remote.html
https://github.com/noraj/Umbraco-RCE
https://www.exploit-db.com/exploits/46153

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2019-25137
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25137

History

Created	Old Value	New Value	Data Type	Notes
2023-05-18 08:00:37				Added to TrackCVE