umbraco Umbraco Cms Vulnerabilities
Umbraco Umbraco-cms vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Account Enumeration Vulnerability in Umbraco by Umbraco
CVE-2025-46736UmbracoUmbraco-cms5.3MEDIUMPath Traversal Vulnerability in Umbraco CMS by Umbraco
CVE-2025-32017UmbracoUmbraco-cms8.8HIGHAuthorization Bypass in Umbraco CMS by Umbraco
CVE-2025-27602UmbracoUmbraco-cms4.9MEDIUMImproper API Access Control in Umbraco's API Management Package
CVE-2025-27601UmbracoUmbraco-cms4.3MEDIUMCross-Site Scripting Vulnerability in Umbraco CMS by Umbraco
CVE-2025-24012UmbracoUmbraco-cms5.4MEDIUMAccount Enumeration Vulnerability in Umbraco CMS by Umbraco
CVE-2025-24011UmbracoUmbraco-cmsπΎπ‘EPSS 14%5.3MEDIUMUmbraco CMS Fixes Authenticated Endpoint Issue
CVE-2024-43377UmbracoUmbraco-cms4.3MEDIUMStack trace information leak in Management API
CVE-2024-43376UmbracoUmbraco-cms5.3MEDIUMUmbraco CMS Vulnerable to Cross-Site Scripting Attacks
CVE-2024-35218UmbracoUmbraco-cms4.8MEDIUMUmbraco CMS Endpoint Vulnerable to Open Redirects
CVE-2024-34071UmbracoUmbraco-cms6.1MEDIUMInformation Exposure in Umbraco ASP.NET CMS
CVE-2024-29035UmbracoUmbraco-cms5.3MEDIUMUmbraco 10 Vulnerable to User Enumeration Attack
CVE-2024-28868UmbracoUmbraco-cms5.3MEDIUMUmbraco CMS SMTP misconfiguration exposes potential registered user email
CVE-2023-49274umbracoUmbraco-CMS3.7LOWUmbraco CMS brute force exploit can be used to collect valid usernames
CVE-2023-49278UmbracoUmbraco-cms5.3MEDIUMUmbraco CMS vulnerable to stored XSS via SVG File Upload
CVE-2023-49279UmbracoUmbraco-cms3.7LOWUmbraco CMS possible path traversal when creating packages from backoffice
CVE-2023-49089umbracoUmbraco-CMS7.7HIGHUmbraco CMS vulnerable to Privilege Escalation using Spoofing
CVE-2023-49273umbracoUmbraco-CMS5.4MEDIUMUmbraco contains a DOM-XSS
CVE-2023-48313UmbracoUmbraco-cms4.3MEDIUMUmbraco CMS vulnerable to possible injection of HTML in an unintended form
CVE-2023-38694umbracoUmbraco-CMS3.5LOWUmbraco CMS Backoffice User can bypass "Publish" restriction
CVE-2023-48227UmbracoUmbraco-cms4.3MEDIUMUmbraco allows possible Admin-level access to backoffice without Auth under rare conditions
CVE-2023-37267UmbracoUmbraco-cms7.5HIGH
6 May 2025
8 April 2025
11 March 2025
21 January 2025
20 August 2024
21 May 2024
17 April 2024
20 March 2024
12 December 2023
13 July 2023
No more vulnerabilities to load.