Filter
Umbraco CMSXSS
First published (updated )
npm/@umbraco-cms/backofficeUmbraco Backoffice Components Have XSS/HTML Injection Vulnerability
4.6
EPSS
0.04%
First published (updated )
nuget/Umbraco.CmsUmbraco CMS Vulnerable to User Enumeration Feasible Based On Management API Timing and Response Codes
5.3
EPSS
0.04%
First published (updated )
nuget/Umbraco.Cms.CoreUmbraco CMS Dashboard frame cross site scripting
6.9
First published (updated )
nuget/Umbraco.CMSUmbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
4.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Umbraco CMSPotential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
4.6
First published (updated )
Umbraco CMSUmbraco CMS logout page displayed before session expiration
4.2
First published (updated )
nuget/Umbraco.CMSUmbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
6.5
First published (updated )
npm/@umbraco-cms/backofficeUmbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
8.7
First published (updated )
nuget/Umbraco.CmsUmbraco CMS Improper Access Control vulnerability
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
nuget/Umbraco.Cms.Api.ManagementUmbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
5.3
First published (updated )
nuget/Umbraco.CMSUmbraco CMS vulnerable to stored XSS via SVG File Upload
5.4
First published (updated )
nuget/Umbraco.CMSUmbraco CMS brute force exploit can be used to collect valid usernames
5.3
First published (updated )
nuget/Umbraco.CMSUmbraco CMS SMTP misconfiguration exposes potential registered user email
5.3
First published (updated )
nuget/Umbraco.CMSUmbraco CMS vulnerable to Privilege Escalation using Spoofing
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
nuget/Umbraco.CMSUmbraco CMS possible path traversal when creating packages from backoffice
7.7
First published (updated )
nuget/Umbraco.CMSUmbraco CMS Backoffice User can bypass "Publish" restriction
4.3
First published (updated )
nuget/Umbraco.CMSUmbraco CMS vulnerable to possible injection of HTML in an unintended form
5.4
First published (updated )
Umbraco CMSUmbraco allows possible Admin-level access to backoffice without Auth under rare conditions
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Umbraco Umbraco Identity ExtensibilityClient secret not mandatory in UmbracoIdentityExtensions
5.3
First published (updated )
Umbraco CMSUmbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated admini…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Umbraco FormsUmbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw th…
9.8
First published (updated )
Umbraco CMSUmbraco CMS before 7.15.7 is vulnerable to Open Redirection due to insufficient url sanitization on …
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.