2 matches found
CVE-2020-7685
CVE-2020-7685 affects UmbracoForms (all versions). The issue arises when using the default configuration for file uploads, which permits uploading arbitrary file types. A mitigation path is described: implement a custom workflow and frontend validation to block disallowed file types according to ...
CVE-2020-7685 Insecure Defaults
This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that...