EPSS Percentile: 39.1%
umbracocms is vulnerable to account takeover. ConstructCallbackUrl uses ApplicationUrl to build a URL pointing back to the site, which allows an attacker to poison password reset URLs and perform account takeover.
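The pattern behind this class of bug, shown as an added example that is not Umbraco's code: a reset link built from an unvalidated base URL, next to a version that only accepts a configured origin. The names ResetLinkBuilder and TrustedOrigins, the /reset path, the token parameter and the example.test hosts are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical helper for illustration; this is not Umbraco's ConstructCallbackUrl.
public static class ResetLinkBuilder
{
    // Assumption: origins fixed by the operator in deployment configuration.
    private static readonly HashSet<string> TrustedOrigins =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "https://cms.example.test" };

    // Weak pattern: the stored base URL is used as-is, so a poisoned value
    // ends up in the link that is mailed to the user.
    public static string BuildUnchecked(string applicationUrl, string token) =>
        $"{applicationUrl.TrimEnd('/')}/reset?token={Uri.EscapeDataString(token)}";

    // Hardened pattern: the base URL must parse, use HTTPS and match a configured
    // origin; the link is rebuilt from that origin, dropping path and user info.
    public static string BuildChecked(string applicationUrl, string token)
    {
        if (!Uri.TryCreate(applicationUrl, UriKind.Absolute, out var baseUri)
            || baseUri.Scheme != Uri.UriSchemeHttps)
            throw new InvalidOperationException("Base URL must be an absolute https URL.");

        string origin = $"{baseUri.Scheme}://{baseUri.Authority}";
        if (!TrustedOrigins.Contains(origin))
            throw new InvalidOperationException($"Untrusted origin for reset link: {origin}");

        return $"{origin}/reset?token={Uri.EscapeDataString(token)}";
    }
}

public static class Program
{
    public static void Main()
    {
        const string token = "constructed-token";                 // constructed sample value
        string[] candidates = { "https://cms.example.test/",      // expected site origin
                                "https://other.example.test/" };  // constructed poisoned value
        foreach (string candidate in candidates)
        {
            Console.WriteLine($"unchecked: {ResetLinkBuilder.BuildUnchecked(candidate, token)}");
            try { Console.WriteLine($"checked:   {ResetLinkBuilder.BuildChecked(candidate, token)}"); }
            catch (InvalidOperationException ex) { Console.WriteLine($"checked:   rejected ({ex.Message})"); }
        }
    }
}
```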
appcheck-ng.com/umbraco-applicationurl-overwrite-persistent-password-reset-poison-cve-2022-22690-cve-2022-22691/