CVE-2024-34071: Umbraco CMS Open Redirect Bypass Protection
Umbraco has an endpoint that is vulnerable to open redirects. The endpoint is protected, so a user must be signed in to the backoffice before the vulnerability is exposed.
References
- github.com/advisories/GHSA-j74q-mv2c-rxmp
- github.com/umbraco/Umbraco-CMS
- github.com/umbraco/Umbraco-CMS/commit/5f24de308584b9771240a6db1a34630a5114c450
- github.com/umbraco/Umbraco-CMS/commit/c17d4e1a600098ec524e4126f4395255476bc33f
- github.com/umbraco/Umbraco-CMS/commit/c8f71af646171074c13e5c34f74312def4512031
- github.com/umbraco/Umbraco-CMS/commit/d8df405db4ea884bb4b96f088d10d9a2070cf024
- github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-j74q-mv2c-rxmp
- nvd.nist.gov/vuln/detail/CVE-2024-34071