Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm @umbraco-cms/backoffice Security Advisories

Browse all Security Advisories for npm @umbraco-cms/backoffice

Loading...
Moderate
GSA_kwCzR0hTQS13djh2LXJtdzItMjV3Y84ABDow
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
Ecosystems: npm, nuget
Packages: @umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS1jNWc2LTZ4ZjctcXhwM84ABAkf
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
Ecosystems: npm, nuget
Packages: @umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Statistics
Advisories: 21,193
Packages: 9,249
Repositories: 1
Ecosystems: 12
Filter by Severity
Moderate 9,070 High 7,442 Critical 3,105 Low 1,197
Filter by Ecosystem
maven 5,973 packagist 4,743 pypi 4,463 npm 3,887 go 2,408 nuget 1,609 cargo 930 rubygems 887 swift 34 hex 32 actions 22 pub 10
Filter by Package
parse-server 31 directus 30 electron 26 @openzeppelin/contracts-upgradeable 21 next 20 @openzeppelin/contracts 20 sequelize 16 tinymce 16 ckeditor4 15 ghost 15 swagger-ui 14 undici 14 joplin 14 strapi 13 angular 13 nodebb 12 vm2 12 matrix-js-sdk 11 flowise 11 bootstrap 11 handlebars 11 tinymce/tinymce 11 TinyMCE 11 marked 11 nocodb 10 bootstrap 9 twbs/bootstrap 9 org.webjars:bootstrap 9 systeminformation 9 bootstrap 9 @strapi/strapi 9 next-auth 9 matrix-react-sdk 9 @evershop/evershop 9 serve 9 urijs 8 node-forge 8 editor.md 8 jquery-rails 8 express-cart 8 org.webjars.npm:jquery 8 jquery 8 tar 8 jsrsasign 8 matrix-appservice-irc 8 vite 8 steal 8 uptime-kuma 8 npm 8 validator 8 url-parse 8 sanitize-html 7 mongoose 7 hapi 7 total.js 7 lodash 7 elliptic 7 hermes-engine 7 snyk-broker 7 dompurify 7 bootstrap-sass 7 bootstrap.sass 7 jquery-ui-rails 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 jquery-ui 7 shescape 7 jQuery 7 parse-url 6 bootstrap-sass 6 aaptjs 6 safe-eval 6 rsshub 6 @strapi/plugin-users-permissions 6 yarn 5 total4 5 express 5 sweetalert2 5 katex 5 ejs 5 dojo 5 prismjs 5 public 5 vditor 5 @sveltejs/kit 5 mermaid 5 openpgp 5 keystone 5 @lobehub/chat 5 ws 5 rendertron 5 mattermost-desktop 5 @saltcorn/server 5 lodash-es 5 xlsx 5 mysql2 5 ua-parser-js 5 axios 5 hono 4 trix 4 valine 4 realms-shim 4 engine.io 4 fastify 4 @backstage/plugin-scaffolder-backend 4 @keystone-6/core 4 safer-eval 4 mongo-express 4 simple-git 4 lunary 4 materialize-css 4 generator-jhipster 4 remarkable 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 muhammara 4 hummus 4 @directus/api 4 aws-iot-device-sdk-v2 4 awsiotsdk 4 simple-markdown 4 auth0-js 4 convert-svg-core 4 glance 4 apollo-server-core 4 apostrophe 4 fast-xml-parser 4 auth0-lock 4 follow-redirects 4 vega 4 moment 4 jsonwebtoken 4 ecstatic 4 qs 4 meshcentral 4 docsify 3 statics-server 3 astro 3 node-jose 3 agnai 3 blamer 3 @builder.io/qwik 3 sails 3 @sequelize/core 3 layui 3 renovate 3 dset 3 uap-core 3 nadesiko3 3 mixme 3 @janhq/core 3 wrangler 3 yapi-vendor 3 dojox 3 m-server 3 @cubejs-backend/api-gateway 3 localhost-now 3 node-red-dashboard 3 mxgraph 3 locutus 3 object-path 3 @materializecss/materialize 3 socket.io-file 3 @strapi/utils 3 js-yaml 3 org.webjars.npm:xlsx 3 parsel 3 http-live-simulator 3 keycloak-connect 3 grunt 3 postcss 3 code-server 3 immer 3 @uppy/companion 3 buttle 3 serialize-to-js 3 xmldom 3 libxmljs 3 passport-wsfed-saml2 3 node-ipc 3 protobufjs 3 raneto 3 node-fetch 3 apollo-server 3 codecov 3 @strapi/plugin-content-manager 3 slpjs 3 snyk 3 jspdf 3 ids-enterprise 3 typeorm 3 node-opcua 3 json-pointer 3 @apollo/server 3 ftp-srv 3 send 3 tough-cookie 3 @vrite/sdk 3 angular-expressions 3 llhttp 3 jose-node-esm-runtime 3
Filter by Repository
https://github.com/umbraco/Umbraco-CMS 2