CVE-2026-46616

Source
https://cve.org/CVERecord?id=CVE-2026-46616
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46616.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46616
Aliases
Published
2026-06-10T15:56:46.003Z
Modified
2026-06-18T03:55:19.833255319Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
Umbraco.Cms: Open Redirect Vulnerability in Surface Controllers
Details

Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some of the Surface Controllers that the CMS provides to support member-related operations fail to validate redirect URLs, making Razor templates that derive 'RedirectUrl' from user-controlled query parameters vulnerable to malicious redirect attacks. This issue has been patched in versions 13.14.0 and 17.4.0.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46616.json",
    "cwe_ids": [
        "CWE-601"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/umbraco/umbraco-cms

Affected ranges

Type
GIT
Repo
https://github.com/umbraco/umbraco-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "13.14.0"
        },
        {
            "introduced": "14.0.0"
        },
        {
            "fixed": "17.4.0"
        }
    ]
}

Affected versions

4.*
4.7.2
Release-4.*
Release-4.5.2
Release-4.6.0
Other
Sprint-Juno-A
release-netcore-alpha002
release-netcore-alpha004
release-10.*
release-10.0.0-rc1
release-11.*
release-11.0.0-rc1
release-12.*
release-12.1.0-rc
release-13.*
release-13.13.0-rc
release-13.13.1
release-13.14.0-rc
release-13.14.0-rc2
release-13.14.0-rc3
release-13.2.0-rc
release-13.7.0-rc
release-14.*
release-14.0.0--preview004
release-14.0.0--preview005
release-14.0.0--preview006
release-17.*
release-17.4.0-rc
release-17.4.0-rc2
release-17.4.0-rc3
release-6.*
release-6.1.0-beta
release-7.*
release-7.0.0
release-7.0.0-RC
release-7.0.0-beta
release-7.1.0
release-7.1.0-RC
release-7.1.1
release-7.1.2
release-7.1.3
release-7.1.4
release-7.2.0-alpha
release-7.2.0-beta
release-7.2.0-beta2
release-9.*
release-9.0.0
release-9.0.0-beta001
release-9.0.0-beta002
release-9.0.0-beta003
release-9.0.0-beta004
release-9.0.0-rc002
release-9.0.0-rc003
release-9.0.0-rc004
release-netcore-0.*
release-netcore-0.5.0-alpha001
v14.*
v14.0.0--preview005

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46616.json"