icon

We found results for “

CVE-2013-4793

Good to know:

icon
icon

Date: December 27, 2014

The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to execute arbitrary ASP.NET code via a crafted SOAP request.

Language: C#

Severity Score

Severity Score

Weakness Type (CWE)

Authentication Issues

CWE-287

Top Fix

icon

Upgrade Version

Upgrade to version 6.0.4

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us