Vulnerabilities > Umbraco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-10761 | Code Injection vulnerability in Umbraco CMS 12.3.6 A vulnerability was found in Umbraco CMS 12.3.6. | 5.4 |
| 2024-10-22 | CVE-2024-48925 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. | 6.5 |
| 2024-10-22 | CVE-2024-48927 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. | 4.6 |
| 2024-10-22 | CVE-2024-48929 | Session Fixation vulnerability in Umbraco CMS Umbraco is a free and open source .NET content management system. | 4.2 |
| 2024-08-20 | CVE-2024-43376 | Information Exposure Through an Error Message vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco is an ASP.NET CMS. | 5.3 |
| 2024-08-20 | CVE-2024-43377 | Unspecified vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco CMS is an ASP.NET CMS. | 4.3 |
| 2023-12-12 | CVE-2023-49274 | Information Exposure vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.3 |
| 2023-12-12 | CVE-2023-49278 | Improper Restriction of Excessive Authentication Attempts vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.3 |
| 2023-12-12 | CVE-2023-49279 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.4 |
| 2023-12-12 | CVE-2023-49089 | Path Traversal vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 6.5 |