Umbraco · Umbraco · CVE-2024-48925
**Name of the Vulnerable Software and Affected Versions**
Umbraco versions 14.0.0 through 14.2.x
**Description**
The issue is related to improper access control, allowing low-privilege users to access the webhook API and retrieve restricted information. This affects the settings section, where access should be limited to users with appropriate permissions.
**Recommendations**
For Umbraco versions 14.0.0 through 14.2.x, update to version 14.3.0 to resolve the issue.
As a temporary workaround, consider restricting access to the webhook API until the patch is applied.