Filter

Software

umbraco cms
41
umbraco umbraco forms
2
umbraco forms
1
umbraco umbraco identity extensibility
1

Umbraco CMSInput Validation

critical
9.8
First published (updated )
CVE-2012-1301

Umbraco CMSMalicious File Upload

critical
9.8
First published (updated )
CVE-2014-10074

Umbraco FormsUmbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw th…

critical
9.8
First published (updated )
CVE-2021-37334

Umbraco CMSUmbraco allows possible Admin-level access to backoffice without Auth under rare conditions

critical
9.8
First published (updated )
CVE-2023-37267

Umbraco CMSSQL Injection

critical
9.8
First published (updated )
CVE-2019-13957

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Umbraco Umbraco FormsMalicious File Upload

critical
9.8
First published (updated )
CVE-2021-33224

Umbraco CMSMalicious File Upload

high
8.8
First published (updated )
CVE-2020-9471

nuget/Umbraco.CMSCSRF

high
8.8
First published (updated )
CVE-2015-8814

npm/@umbraco-cms/backofficeUmbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section

high
8.7
First published (updated )
CVE-2024-47819

Umbraco CMSUmbraco Remote ApplicationURL Overwrite

high
8.6
First published (updated )
CVE-2022-22690

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

nuget/Umbraco.CMSSSRF

high
8.2
First published (updated )
CVE-2015-8813

nuget/Umbraco.CMSUmbraco CMS possible path traversal when creating packages from backoffice

high
7.7
First published (updated )
CVE-2023-49089

Umbraco CMSThe update function in umbraco.webservices/templates/templateService.cs in the TemplateService compo…

high
7.5
First published (updated )
CVE-2013-4793

Umbraco Umbraco FormsInsecure Defaults

high
7.5
First published (updated )
CVE-2020-7685

Umbraco CMSUmbraco Password Reset URL Poison

high
7.4
First published (updated )
CVE-2022-22691

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Umbraco CMSUmbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated admini…

high
7.2
First published (updated )
CVE-2019-25137

nuget/Umbraco.Cms.CoreUmbraco CMS Dashboard frame cross site scripting

medium
6.9
First published (updated )
CVE-2024-10761

nuget/Umbraco.CMSUmbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API

medium
6.5
First published (updated )
CVE-2024-48925

Umbraco CMSXSS

medium
6.5
First published (updated )
CVE-2024-55488

Umbraco CMSPath Traversal

medium
6.5
First published (updated )
CVE-2020-5811

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Umbraco CMSMalicious File Upload

medium
6.5
First published (updated )
CVE-2020-9472

Umbraco CMSXSS

medium
6.1
First published (updated )
CVE-2015-8815

Umbraco CMSUmbraco CMS before 7.15.7 is vulnerable to Open Redirection due to insufficient url sanitization on …

medium
6.1
First published (updated )
CVE-2021-34254

nuget/Umbraco.CMSUmbraco contains a DOM-XSS

medium
6.1
First published (updated )
CVE-2023-48313

nuget/UmbracoCms.WebXEE, SSRF

medium
5.5
First published (updated )
CVE-2017-15280

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

nuget/Umbraco.CmsUmbraco CMS Improper Access Control vulnerability

medium
5.4
First published (updated )
CVE-2024-43377

Umbraco CMSXSS

medium
5.4
First published (updated )
CVE-2020-5810

nuget/UmbracoCMS.WebXSS

medium
5.4
First published (updated )
CVE-2017-15279

nuget/UmbracoCms.CoreXSS

medium
5.4
First published (updated )
CVE-2020-5809

nuget/Umbraco.CMSUmbraco CMS vulnerable to possible injection of HTML in an unintended form

medium
5.4
First published (updated )
CVE-2023-38694

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203