00Mpal00Mpa

**Name of the Vulnerable Software and Affected Versions** Umbraco versions 14.0.0 through 15.4.1 **Description** The issue allows uploading a file that does not adhere to the configured allowable file extensions via a manipulated API request. The problem is resolved in versions 15.4.2 and 16.0.0. **Recommendations** For versions 14.0.0 through 15.4.1, update to version 15.4.2 or 16.0.0 to resolve the issue. As a temporary workaround, consider restricting API requests to prevent unauthorized file uploads until a patch is applied.