PT-2022-15637 · Umbraco · Umbraco
Appcheck Ltd · Published 2022-01-18 · Updated 2022-01-26
CVE-2022-22690
CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Umbraco versions prior to 9.2.0
Description
The issue concerns the "UmbracoApplicationUrl" configuration element in the Umbraco CMS. This element is used to build URLs pointing back to the site, such as password reset URLs or URLs for administrator invitations. If the Application URL is not specifically configured in Umbraco versions less than 9.2.0, an attacker can manipulate this value, store it persistently, and affect all users for components where "UmbracoApplicationUrl" is used. For example, an attacker can change the password reset URL to point to their server, allowing them to intercept the reset token and take over the account.
Recommendations
For Umbraco versions prior to 9.2.0, update to version 9.2.0 or later to resolve the issue.
As a temporary workaround, consider configuring the "UmbracoApplicationUrl" explicitly to prevent manipulation by attackers.
Restrict access to components that use the "UmbracoApplicationUrl" to minimize the risk of exploitation.
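To show why the explicit setting matters, the following is an added Python model (not Umbraco's code) of the unconfigured versus configured cases, plus a pre-send check on the host of a reset link. The host names, the reset path and the first-request caching are assumptions made for illustration, not details taken from the advisory.

```python
from urllib.parse import urlsplit

# Constructed placeholder hosts (not real systems).
SITE_HOST = "cms.example"
OTHER_HOST = "untrusted.example"


def resolve_application_url(configured_url, request_host, cache):
    """Return the base URL used for outbound links such as reset e-mails.

    With an explicit UmbracoApplicationUrl the request never influences it.
    Without it (simplified model of the unconfigured case in versions < 9.2.0),
    the Host of the first request seen is used and kept in `cache`, so every
    later user receives links built on that same base URL.
    """
    if configured_url:
        return configured_url.rstrip("/")
    if "application_url" not in cache:
        cache["application_url"] = f"https://{request_host}"
    return cache["application_url"]


def password_reset_url(application_url, token):
    """Build the link placed in a reset e-mail (hypothetical path)."""
    return f"{application_url}/umbraco/password-reset?token={token}"


def reset_link_host(configured_url, first_request_host, victim_request_host):
    """Simulate one earlier request followed by a victim's reset request and
    return the host the victim's reset link points at."""
    cache = {}
    resolve_application_url(configured_url, first_request_host, cache)
    base = resolve_application_url(configured_url, victim_request_host, cache)
    return urlsplit(password_reset_url(base, "TOKEN")).hostname


def link_host_is_trusted(url, trusted_hosts):
    """Defensive check before sending mail: refuse links to unexpected hosts."""
    return urlsplit(url).hostname in trusted_hosts


if __name__ == "__main__":
    # Unconfigured: the earlier request's Host decides where the victim's link goes.
    print("unconfigured:", reset_link_host("", OTHER_HOST, SITE_HOST))
    # Configured: the link always points at the site, whatever the Host header.
    print("configured:  ", reset_link_host(f"https://{SITE_HOST}", OTHER_HOST, SITE_HOST))
```

In Umbraco 9 the explicit value is the `Umbraco:CMS:WebRouting:UmbracoApplicationUrl` setting in appsettings.json.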
HTTP Request/Response Smuggling
Related Identifiers
Affected Products
Umbraco