Vulnerabilities > Umbraco > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-48925 Incorrect Authorization vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0.
network
low complexity
umbraco CWE-863
6.5
2024-10-22 CVE-2024-48927 Cross-site Scripting vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15.
network
low complexity
umbraco CWE-79
4.6
2024-10-22 CVE-2024-48929 Session Fixation vulnerability in Umbraco CMS
Umbraco is a free and open source .NET content management system.
network
high complexity
umbraco CWE-384
4.2
2024-08-20 CVE-2024-43376 Information Exposure Through an Error Message vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1
Umbraco is an ASP.NET CMS.
network
low complexity
umbraco CWE-209
5.3
2024-08-20 CVE-2024-43377 Unspecified vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1
Umbraco CMS is an ASP.NET CMS.
network
low complexity
umbraco
4.3
2023-12-12 CVE-2023-49274 Information Exposure vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-200
5.3
2023-12-12 CVE-2023-49278 Improper Restriction of Excessive Authentication Attempts vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-307
5.3
2023-12-12 CVE-2023-49279 Cross-site Scripting vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-79
5.4
2023-12-12 CVE-2023-49089 Path Traversal vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-22
6.5
2023-12-12 CVE-2023-49273 Incorrect Authorization vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-863
5.4