Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

nuget

Umbraco.CMS

nuget · Installs Umbraco CMS with all default dependencies in your ASP.NET Core project. · Repository · Package

Security Advisories for Umbraco.CMS in nuget

Moderate
3 months ago

Umbraco CMS disclosure of configured password requirements GSA_kwCzR0hTQS1wZ3ZjLTZoMnAtcTRmNs4ABJYa

nuget Umbraco.Cms
Moderate
4 months ago

Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads GSA_kwCzR0hTQS1mcjZyLXA4aHYteDNjNM4ABIpe

nuget Umbraco.Cms
Moderate
5 months ago

Umbraco Makes User Enumeration Feasible Based on Timing of Login Response GSA_kwCzR0hTQS00ZzhtLTVtajUtYzh4Z84ABHiN

nuget Umbraco.Cms
High
6 months ago

Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users GSA_kwCzR0hTQS1xNjJyLThwcGoteHZmNM4ABGn5

nuget Umbraco.Cms
Moderate
8 months ago

XSS/HTML Injection Vulnerability in Umbraco Preview Badge GSA_kwCzR0hTQS02OWNnLXc4dm0taDIyOc4ABDo-

nuget Umbraco.Cms
Moderate
8 months ago

Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes GSA_kwCzR0hTQS1obWc0LXd3bTUtcDk5Oc4ABDo8

nuget Umbraco.Cms
Moderate
11 months ago

Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out GSA_kwCzR0hTQS13eHc5LTZwdjktYzN4Y84ABAkj

nuget Umbraco.CMS
Moderate
11 months ago

Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice GSA_kwCzR0hTQS01OTU1LWN3djQtaDdxaM4ABAki

nuget Umbraco.Cms, UmbracoCms
Moderate
11 months ago

Umbraco CMS logout page displayed before session expiration GSA_kwCzR0hTQS1mcDZxLWdjY3ctN3Fxbc4ABAkh

nuget UmbracoCMS, Umbraco.CMS
Low
11 months ago

Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API GSA_kwCzR0hTQS00Z3A5LWZmOTktajZ2as4ABAkg

nuget Umbraco.CMS
Moderate
about 1 year ago

Umbraco CMS Improper Access Control vulnerability GSA_kwCzR0hTQS1ocnd3LXgzZnEteGN2aM4AA-z9

nuget Umbraco.Cms
Low
almost 2 years ago

Stored XSS via SVG File Upload GSA_kwCzR0hTQS02eG14LTg1eDMtNGN2Ms4AA3ug

nuget Umbraco.CMS
Low
almost 2 years ago

Brute force exploit can be used to collect valid usernames GSA_kwCzR0hTQS03eDc0LWg4Y3ctcWh4cc4AA3uf

nuget Umbraco.CMS
Low
almost 2 years ago

SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. GSA_kwCzR0hTQS04cXA4LTlycHctajQ2Y84AA3ue

nuget Umbraco.CMS
Moderate
almost 2 years ago

Privilege Escalation using Spoofing GSA_kwCzR0hTQS1jZnI1LTdwNTQtNHFnOM4AA3ud

nuget Umbraco.CMS
Low
almost 2 years ago

Using the directory back payload (“/../”) in a package name allows placement of package in other folders. GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc

nuget Umbraco.CMS
Moderate
almost 2 years ago

DOM-XSS on Backoffice login screen. GSA_kwCzR0hTQS12OThtLTM5OHgtMjY5cs4AA3ub

nuget Umbraco.CMS
Low
almost 2 years ago

Backoffice User can bypass "Publish" restriction GSA_kwCzR0hTQS0zMzV4LTV3Y20tOGp2Ms4AA3ua

nuget Umbraco.CMS
Low
almost 2 years ago

Possible injection of HTML into user invite mails GSA_kwCzR0hTQS14eGM2LTM1cjctNzk2d84AA3uY

nuget Umbraco.CMS
High
over 3 years ago

Umbraco CMS vulnerable to CSRF GSA_kwCzR0hTQS01ZjZwLTRoeHEtcmp4bc4AAb4c

nuget Umbraco.CMS
High
over 3 years ago

Umbraco CMS vulnerable to CSRF GSA_kwCzR0hTQS14MzRqLXd4cTgtN3Zjbc4AAb4d

nuget Umbraco.CMS

Filter by Severity

Moderate 11 Low 7 High 3