Umbraco: Server-Side Request Forgery via baseUrl Parameter Manipulation

In Umbraco CMS version 8.14.1 a medium severity vulnerability CVE-2021-47776 was detected. This vulnerability allows attackers to perform server-side request forgery (SSRF) by manipulating the baseUrl parameter in multiple dashboard and help controller endpoints, causing the server to initiate unauthorized requests to external hosts. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2021-47776.