Vulnerabilities > Umbraco > Umbraco CMS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-49274 | Information Exposure vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.3 |
| 2023-12-12 | CVE-2023-49278 | Improper Restriction of Excessive Authentication Attempts vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.3 |
| 2023-12-12 | CVE-2023-49279 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.4 |
| 2023-12-12 | CVE-2023-49089 | Path Traversal vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 6.5 |
| 2023-12-12 | CVE-2023-49273 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.4 |
| 2023-12-12 | CVE-2023-48313 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 6.1 |
| 2023-12-12 | CVE-2023-38694 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.4 |
| 2023-12-12 | CVE-2023-48227 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 4.3 |
| 2023-07-13 | CVE-2023-37267 | Unspecified vulnerability in Umbraco CMS Umbraco is a ASP.NET CMS. | 9.8 |
| 2023-05-18 | CVE-2019-25137 | XML Injection (aka Blind XPath Injection) vulnerability in Umbraco CMS Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx. | 7.2 |