CVE-2024-34071

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-34071
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34071.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-34071
Aliases
Related
Published
2024-05-21T14:15:11Z
Modified
2025-07-02T00:31:50.924019Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Umbraco is an ASP.NET CMS used by more than 730.000 websites. Umbraco has an endpoint that is vulnerable to open redirects. The endpoint is protected so it requires the user to be signed into backoffice before the vulnerable is exposed. This vulnerability has been patched in version(s) 8.18.14, 10.8.6, 12.3.10 and 13.3.1.

References

Affected packages

Git / github.com/umbraco/umbraco-cms

Affected ranges

Type
GIT
Repo
https://github.com/umbraco/umbraco-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5f24de308584b9771240a6db1a34630a5114c450
Fixed
c17d4e1a600098ec524e4126f4395255476bc33f
Fixed
c8f71af646171074c13e5c34f74312def4512031
Fixed
d8df405db4ea884bb4b96f088d10d9a2070cf024

Affected versions

4.*

4.7.2
4.8.0-beta

7.*

7.3.0-beta
7.6-alpha071
7.6-beta5

Release-4.*

Release-4.10.0
Release-4.11.0
Release-4.11.1
Release-4.11.2
Release-4.11.2.1
Release-4.11.2.2
Release-4.11.3
Release-4.11.4
Release-4.11.5
Release-4.5.2
Release-4.6.0
Release-4.8.0
Release-4.8.1
Release-4.9.0
Release-4.9.1

Release-6.*

Release-6.0.0
Release-6.0.0-RC
Release-6.0.0-beta
Release-6.0.2

Other

Sprint-Juno-A
alpha070
release-netcore-alpha002
release-netcore-alpha004
temp8-cg18

dev-7.*

dev-7.6-RC1
dev-7.6-RC2
dev-7.6-RC3
dev-7.6-alpha-073
dev-7.6-alpha054
dev-7.6-alpha055
dev-7.6-alpha056
dev-7.6-alpha060
dev-7.6-alpha061
dev-7.6-alpha063
dev-7.6-alpha064
dev-7.6-alpha072
dev-7.6-alpha073
dev-7.6-alpha074
dev-7.6-alpha075
dev-7.6-beta02
dev-7.6-beta03
dev-7.6-beta04
dev-7.6-beta06

dev-v7.*

dev-v7.6-alpha065
dev-v7.6-alpha066
dev-v7.6-alpha068
dev-v7.7-beta002

release-10.*

release-10.0.0
release-10.0.0-rc1
release-10.0.0-rc2
release-10.0.0-rc3
release-10.0.0-rc4
release-10.0.0-rc5
release-10.0.1
release-10.1.0
release-10.1.0-rc
release-10.1.0-rc2
release-10.2.0
release-10.2.0-rc
release-10.2.1
release-10.3.0
release-10.3.0-rc
release-10.3.1
release-10.3.2
release-10.4.0-rc1
release-10.4.1
release-10.5.0
release-10.5.0-rc
release-10.6.0
release-10.6.0-rc
release-10.6.1
release-10.7.0
release-10.7.0-rc
release-10.8.0
release-10.8.0-rc
release-10.8.1
release-10.8.2
release-10.8.3
release-10.8.4
release-10.8.5

release-11.*

release-11.0.0
release-11.0.0-rc1
release-11.0.0-rc2
release-11.0.0-rc3
release-11.0.0-rc4
release-11.0.0-rc5
release-11.0.0-rc6
release-11.1.0-rc1
release-11.2.0
release-11.2.0-rc
release-11.2.1
release-11.3.0
release-11.3.0-rc
release-11.4.0
release-11.4.0-rc
release-11.4.1
release-11.4.2
release-11.5.0
release-11.5.0-rc

release-12.*

release-12.0.0
release-12.0.0-rc1
release-12.0.0-rc2
release-12.0.0-rc3
release-12.0.0-rc4
release-12.0.0-rc5
release-12.0.1
release-12.1.0
release-12.1.0-rc
release-12.1.1
release-12.1.2
release-12.2.0
release-12.2.0-rc
release-12.3.0
release-12.3.0-rc
release-12.3.1
release-12.3.2
release-12.3.3
release-12.3.4
release-12.3.5
release-12.3.6
release-12.3.7
release-12.3.8
release-12.3.9

release-13.*

release-13.0.0
release-13.0.0-rc1
release-13.0.0-rc2
release-13.0.0-rc3
release-13.0.0-rc4
release-13.0.0-rc5
release-13.0.1
release-13.0.2
release-13.0.3
release-13.1.0
release-13.1.0-rc
release-13.1.1
release-13.2.0
release-13.2.0-rc
release-13.2.1
release-13.2.2
release-13.3.0
release-13.3.0-rc

release-4.*

release-4.11.10
release-4.11.6
release-4.11.7
release-4.11.9

release-6.*

release-6.0.3
release-6.0.4
release-6.0.6
release-6.0.7
release-6.1.0
release-6.1.0-beta
release-6.1.0-beta2
release-6.1.1
release-6.1.2
release-6.1.3
release-6.1.4
release-6.1.5
release-6.1.6
release-6.2.0
release-6.2.0-beta
release-6.2.1
release-6.2.2
release-6.2.3

release-7.*

release-7.0.0
release-7.0.0-RC
release-7.0.0-alpha
release-7.0.0-beta
release-7.0.1
release-7.0.2
release-7.0.3
release-7.0.4
release-7.1.0
release-7.1.0-RC
release-7.1.0-beta
release-7.1.1
release-7.1.2
release-7.1.3
release-7.1.4
release-7.1.5
release-7.1.6
release-7.1.7
release-7.1.8
release-7.10.0
release-7.10.1
release-7.10.2
release-7.10.3
release-7.10.4
release-7.11.0
release-7.12.0
release-7.12.1
release-7.13.0
release-7.13.1
release-7.13.2
release-7.14.0
release-7.15.0
release-7.15.1
release-7.15.2
release-7.15.3
release-7.15.4
release-7.2.0
release-7.2.0-RC
release-7.2.0-alpha
release-7.2.0-beta
release-7.2.0-beta2
release-7.2.1
release-7.2.2
release-7.2.3
release-7.2.4
release-7.2.5
release-7.2.5-RC
release-7.2.6
release-7.2.7
release-7.2.8
release-7.3.0
release-7.3.0-RC
release-7.3.0-beta
release-7.3.0-beta2
release-7.3.0-beta3
release-7.3.1
release-7.3.2
release-7.3.3
release-7.3.4
release-7.3.5
release-7.3.6
release-7.3.7
release-7.3.8
release-7.4.0
release-7.4.0-RC1
release-7.4.0-beta2
release-7.4.1
release-7.4.2
release-7.4.3
release-7.5.0
release-7.5.0-beta
release-7.5.0-beta2
release-7.5.1
release-7.5.10
release-7.5.11
release-7.5.12
release-7.5.13
release-7.5.14
release-7.5.2
release-7.5.3
release-7.5.4
release-7.5.5
release-7.5.6
release-7.5.7
release-7.5.8
release-7.5.9
release-7.6.0
release-7.6.0-RC
release-7.6.0-beta
release-7.6.1
release-7.6.2
release-7.6.3
release-7.6.4
release-7.6.5
release-7.6.6
release-7.6.7
release-7.6.8
release-7.7.0
release-7.7.0-beta
release-7.7.1
release-7.7.10
release-7.7.11
release-7.7.12
release-7.7.13
release-7.7.2
release-7.7.3
release-7.7.4
release-7.7.5
release-7.7.6
release-7.7.7
release-7.7.8
release-7.7.9
release-7.8.0
release-7.8.0-beta
release-7.8.0-beta003
release-7.8.0-beta004
release-7.8.0-beta005
release-7.8.0-beta007
release-7.8.1
release-7.8.2
release-7.8.3
release-7.9.0
release-7.9.1
release-7.9.2
release-7.9.3
release-7.9.4
release-7.9.5
release-7.9.6

release-8.*

release-8.0.0
release-8.0.01
release-8.0.1
release-8.1.0
release-8.1.1
release-8.1.2
release-8.1.3
release-8.1.4
release-8.1.5
release-8.10.0
release-8.10.0-rc
release-8.10.1
release-8.10.2
release-8.10.3
release-8.11.0
release-8.11.0-rc
release-8.11.1
release-8.11.2
release-8.11.3
release-8.12.0
release-8.12.0-rc
release-8.12.1
release-8.12.2
release-8.12.3
release-8.13.0
release-8.13.0-rc
release-8.13.1
release-8.14.0
release-8.14.0-rc
release-8.14.1
release-8.14.2
release-8.14.3
release-8.14.4
release-8.15.0
release-8.15.0-rc
release-8.15.1
release-8.15.2
release-8.15.3
release-8.16.0
release-8.16.0-rc
release-8.17.0
release-8.17.0-rc
release-8.17.0-rc2
release-8.17.1
release-8.17.2
release-8.18.0-rc
release-8.2.0
release-8.2.0-rc
release-8.2.1
release-8.2.2
release-8.3.0
release-8.4.0
release-8.4.0-rc
release-8.4.1
release-8.5.0
release-8.5.1
release-8.5.2
release-8.5.3
release-8.5.4
release-8.5.5
release-8.6.0
release-8.6.0-rc
release-8.6.1
release-8.6.2
release-8.6.3
release-8.6.4
release-8.6.5
release-8.6.6
release-8.6.7
release-8.6.8
release-8.7.0
release-8.7.0-rc
release-8.7.1
release-8.7.2
release-8.7.3
release-8.8
release-8.8.0
release-8.8.0-rc
release-8.8.1
release-8.8.2
release-8.8.3
release-8.8.4
release-8.9.0
release-8.9.0-rc
release-8.9.1
release-8.9.2
release-8.9.3

release-9.*

release-9.0.0
release-9.0.0-beta001
release-9.0.0-beta002
release-9.0.0-beta003
release-9.0.0-beta004
release-9.0.0-rc001
release-9.0.0-rc002
release-9.0.0-rc003
release-9.0.0-rc004
release-9.0.1
release-9.1.0
release-9.1.0-rc
release-9.1.1
release-9.1.2
release-9.2.0
release-9.2.0-rc
release-9.3.0
release-9.3.0-rc
release-9.3.1
release-9.4.0
release-9.4.0-rc
release-9.4.1
release-9.4.2
release-9.5.0
release-9.5.0-rc
release-9.5.0-rc2
release-9.5.0-rc3
release-9.5.1

release-netcore-0.*

release-netcore-0.5.0-alpha001

release/13.*

release/13.1.1

release/7.*

release/7.15.2

release/8.*

release/8.1.3