Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
Sorry for cross posting this, but should we worry about our umbraco websites, because of this?
Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)
I posted the same question in the umbraco blog and in the ASP.NET forum.
umbraco is using this (affected) dll: System.Web.Mvc.dll
Umbraco uses UmbracoMembershipProvider for the backend.
Main question here: can an attacker use this vunlerability to gain access to the umbraco backend?
The blogpost from yesterday has been updated with instructions on how to update the affected .dll here http://umbraco.com/follow-us/blog-archive/2014/10/16/getting-a-systemwebhttpapicontroller-error
So in short, yes do follow the advise from Microsoft and update :)
is working on a reply...
Write your reply to:
Image will be uploaded when post is submitted