{"uuid": "14fb8414-47d2-491c-984b-6f278b907a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-25137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2581", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-25137\n\ud83d\udd39 Description: Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.\n\ud83d\udccf Published: 2023-05-18T00:00:00\n\ud83d\udccf Modified: 2025-01-22T16:43:41.293Z\n\ud83d\udd17 References:\n1. https://www.exploit-db.com/exploits/46153\n2. https://github.com/noraj/Umbraco-RCE\n3. https://0xdf.gitlab.io/2020/09/05/htb-remote.html\n4. https://github.com/Ickarah/CVE-2019-25137-Version-Research", "creation_timestamp": "2025-01-22T17:01:53.000000Z"}