Vulnerabilities > Umbraco > Umbraco CMS

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-47819 Cross-site Scripting vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0.
network
low complexity
umbraco CWE-79
8.7
2024-10-22 CVE-2024-48925 Incorrect Authorization vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0.
network
low complexity
umbraco CWE-863
6.5
2024-10-22 CVE-2024-48926 Insufficient Session Expiration vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15.
network
high complexity
umbraco CWE-613
3.1
2024-10-22 CVE-2024-48927 Cross-site Scripting vulnerability in Umbraco CMS
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15.
network
low complexity
umbraco CWE-79
4.6
2024-10-22 CVE-2024-48929 Session Fixation vulnerability in Umbraco CMS
Umbraco is a free and open source .NET content management system.
network
high complexity
umbraco CWE-384
4.2
2024-08-20 CVE-2024-43376 Information Exposure Through an Error Message vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1
Umbraco is an ASP.NET CMS.
network
low complexity
umbraco CWE-209
5.3
2024-08-20 CVE-2024-43377 Unspecified vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1
Umbraco CMS is an ASP.NET CMS.
network
low complexity
umbraco
4.3
2023-12-12 CVE-2023-49274 Information Exposure vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-200
5.3
2023-12-12 CVE-2023-49278 Improper Restriction of Excessive Authentication Attempts vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-307
5.3
2023-12-12 CVE-2023-49279 Cross-site Scripting vulnerability in Umbraco CMS
Umbraco is an ASP.NET content management system (CMS).
network
low complexity
umbraco CWE-79
5.4