CVE-2026-31832— Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-31832
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Source: NVD (National Vulnerability Database)
Vulnerability Description
Umbraco is an ASP.NET CMS. From 14.0.0 to before 16.5.1 and 17.2.2, A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by insufficient authorization enforcement on the affected API endpoint, whereby via an API call, domains can be set on content nodes that the editor does not have permission to access (either via user group privileges or start nodes). This vulnerability is fixed in 16.5.1 and 17.2.2.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过用户控制密钥绕过授权机制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Umbraco 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Umbraco是丹麦Umbraco公司的一套C#编写的开源的内容管理系统(CMS)。 Umbraco 14.0.0版本至16.5.1之前版本和17.2.2之前版本存在安全漏洞,该漏洞源于后台API端点授权执行不足,可能导致未经授权设置内容节点域。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| umbraco | Umbraco-CMS | >= 14.0.0, < 16.5.1 | - |
II. Public POCs for CVE-2026-31832
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-31832
请登录查看更多情报信息。
Same Patch Batch · umbraco · 2026-03-10 · 3 CVEs total
| CVE-2026-31834 | 7.2 HIGH | Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks |
| CVE-2026-31833 | 6.7 MEDIUM | Umbraco has Stored XSS in UFM Rendering Pipeline via Permissive DOMPurify Attribute Filter |
IV. Related Vulnerabilities
Same product: Umbraco-CMS
- CVE-2026-31834
Umbraco Affected by Vertical Privilege Escalation via Missin - CVE-2026-31833
Umbraco has Stored XSS in UFM Rendering Pipeline via Permiss - CVE-2025-66625
Umbraco Vulnerable to Improper File Access and Credential Ex - CVE-2025-54425
Umbraco's Delivery API allows for cached requests to be retu - CVE-2025-49147
Umbraco.Cms Vulnerable to Disclosure of Configured Password
Same vendor: umbraco
- CVE-2026-31834
Umbraco Affected by Vertical Privilege Escalation via Missin - CVE-2026-31833
Umbraco has Stored XSS in UFM Rendering Pipeline via Permiss - CVE-2026-27449
Umbraco.Engage.Forms Allows Unauthorized Access to Multiple - CVE-2026-24687
Umbraco.Forms has path traversal and file enumeration vulner - CVE-2025-68924
Umbraco Forms 安全漏洞
Same weakness: CWE-639
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-42291
SysReptor: Read-write access to personal notes by sharing-li - CVE-2026-44400
MailEnable Enterprise Premium < 10.55 Authorization Bypass v - CVE-2026-42279
solidtime: Time entry update endpoint allows cross-organizat - CVE-2026-42277
Onyx: IDOR in /chat/file/{file_id} allows any authenticated
V. Comments for CVE-2026-31832
No comments yet