Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
nuget Umbraco.CMS Security Advisories
Loading...
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS02eG14LTg1eDMtNGN2Ms4AA3ug
Stored XSS via SVG File UploadEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS03eDc0LWg4Y3ctcWh4cc4AA3uf
Brute force exploit can be used to collect valid usernamesEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04cXA4LTlycHctajQ2Y84AA3ue
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1jZnI1LTdwNTQtNHFnOM4AA3ud
Privilege Escalation using SpoofingEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS12OThtLTM5OHgtMjY5cs4AA3ub
DOM-XSS on Backoffice login screen.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS0zMzV4LTV3Y20tOGp2Ms4AA3ua
Backoffice User can bypass "Publish" restrictionEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS14eGM2LTM1cjctNzk2d84AA3uY
Possible injection of HTML into user invite mailsEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14MzRqLXd4cTgtN3Zjbc4AAb4d
Umbraco CMS vulnerable to CSRFEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ZjZwLTRoeHEtcmp4bc4AAb4c
Umbraco CMS vulnerable to CSRFEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Statistics
Advisories: 18,151
Packages: 8,242
Repositories: 1
Ecosystems: 12
Packages: 8,242
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
19
Microsoft.AspNetCore.App.Runtime.win-x64
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
Microsoft.AspNetCore.App.Runtime.win-arm
16
Microsoft.AspNetCore.App.Runtime.linux-arm
15
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
15
Microsoft.AspNetCore.App.Runtime.linux-x64
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
14
Microsoft.AspNetCore.App.Runtime.win-arm64
14
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NETCore.App
10
Umbraco.CMS
10
Microsoft.AspNetCore.All
10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
10
Microsoft.NETCore.App.Runtime.linux-musl-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-x64
9
Microsoft.NetCore.App.Runtime.win-arm
9
Microsoft.NETCore.App.Runtime.linux-x64
9
Microsoft.NetCore.App.Runtime.win-arm64
9
Microsoft.NetCore.App.Runtime.win-x64
9
Microsoft.NetCore.App.Runtime.win-x86
9
tinymce
9
TinyMCE
9
tinymce/tinymce
9
Microsoft.NETCore.App.Runtime.linux-arm64
9
Microsoft.NETCore.App.Runtime.linux-arm
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
Microsoft.AspNetCore.App
8
Microsoft.AspNetCore.App.Runtime.osx-arm64
8
jQuery
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.NETCore.App.Runtime.linux-musl-arm
7
OPCFoundation.NetStandard.Opc.Ua.Core
7
CefSharp.Common
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
Microsoft.AspNetCore.Mvc.Core
6
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
CefSharp.WinForms
5
CefSharp.Wpf
5
CefSharp.Wpf.HwndHost
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
System.Text.Encodings.Web
5
System.Net.Http
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.AspNetCore.Mvc.Cors
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.rhel.6-x64
5
Microsoft.NetCore.App.Runtime.linux-arm
4
Microsoft.NetCore.App.Runtime.linux-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-arm
4
Microsoft.NetCore.App.Runtime.linux-musl-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-x64
4
Microsoft.NetCore.App.Runtime.linux-x64
4
Microsoft.NetCore.App.Runtime.osx-arm64
4
Microsoft.NetCore.App.Runtime.osx-x64
4
Serenity.Net.Core
4
Microsoft.AspNetCore.Mvc
4
System.Net.Http.WinHttpHandler
4
SharpZipLib
4
System.Net.Security
4
Microsoft.AspNetCore.Mvc.WebApiCompatShim
4
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Abstractions
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
OPCFoundation.NetStandard.Opc.Ua
4
NuGet.CommandLine
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
AjaxNetProfessional
4
NuGet.Commands
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
Microsoft.AspNetCore.Mvc.Localization
4
Microsoft.AspNetCore.Mvc.Razor.Host
4
Microsoft.AspNetCore.Mvc.Razor
4
Microsoft.AspNetCore.Mvc.TagHelpers
4
Microsoft.AspNetCore.Mvc.ViewFeatures
4
SSCMS
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
Microsoft.Native.Quic.MsQuic.OpenSSL
3
Microsoft.Native.Quic.MsQuic.Schannel
3
Sustainsys.Saml2
3
CefSharp.Common.NETCore
3
SixLabors.ImageSharp
3
System.Private.Uri
3
Umbraco.Cms.Core
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
System.Security.Cryptography.Xml
3
Microsoft.NETCore.App.Runtime.osx-arm64
3
wix
3
UmbracoCms
3
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86
2
ServiceStack
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64
2
Microsoft.Owin
2
sharpcompress
2
jQuery.Validation
2
jquery-validation
2
UmbracoCMS.Core
2
System.Management.Automation
2
starkbank-ecdsa
2
Snowflake.Data
2
Moment.js
2
moment
2
elFinder.NetCore
2
Microsoft.AspNetCore.Http.Connections
2
HtmlSanitizer
2
PanelSwWix4.Sdk
2
System.Data.SqlClient
2
Microsoft.Data.SqlClient
2
Google.Protobuf
2
google/protobuf
2
github.com/protocolbuffers/protobuf
2
protobuf
2
bootstrap.sass
2
bootstrap
2
Bootstrap.Less
2
Azure.Identity
2
PeterO.Cbor
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86
2
Umbraco.Cms.Web.BackOffice
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64
2
DisCatSharp
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64
2
Filter by Repository