Vulnerabilities > Umbraco > Umbraco CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-21 | CVE-2025-24011 | Information Exposure Through Discrepancy vulnerability in Umbraco CMS Umbraco is a free and open source .NET content management system. | 5.3 |
| 2025-01-21 | CVE-2025-24012 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco is a free and open source .NET content management system. | 5.4 |
| 2024-11-04 | CVE-2024-10761 | Unspecified vulnerability in Umbraco CMS 12.3.6 A vulnerability was found in Umbraco CMS up to 10.7.7/12.3.6/13.5.2/14.3.1/15.1.1. | 4.3 |
| 2024-10-22 | CVE-2024-48925 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. | 6.5 |
| 2024-10-22 | CVE-2024-48927 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. | 4.6 |
| 2024-10-22 | CVE-2024-48929 | Session Fixation vulnerability in Umbraco CMS Umbraco is a free and open source .NET content management system. | 4.2 |
| 2024-08-20 | CVE-2024-43376 | Information Exposure Through an Error Message vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco is an ASP.NET CMS. | 5.3 |
| 2024-08-20 | CVE-2024-43377 | Unspecified vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco CMS is an ASP.NET CMS. | 4.3 |
| 2024-05-21 | CVE-2024-34071 | Open Redirect vulnerability in Umbraco CMS Umbraco is an ASP.NET CMS used by more than 730.000 websites. | 6.1 |
| 2024-05-21 | CVE-2024-35218 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. | 4.8 |