8 matches found
EUVD-2025-14405
Malicious code in bioql PyPI...
Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
Impact The 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address potentially bypassing spam and email client security systems...
CVE-2025-47280 Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workfl...
CVE-2025-47280 Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workfl...
CVE-2025-47280 Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workfl...
CVE-2025-47280
Umbrao Forms HTML injection : The Send email workflow in Umbraco Forms (versions 7.x through just before 13.4.2 and 15.1.2) does not HTML-encode user-provided field values, allowing potential email spoofing or bypass of security checks. Affected forms can patch by updating to 13.4.2 or 15.1.2, or...
PT-2025-21011 · Umbraco · Umbraco Forms
Name of the Vulnerable Software and Affected Versions: Umbraco Forms versions 7.x through 13.4.1 Umbraco Forms versions 15.1.1 and earlier Description: The issue affects Umbraco Forms, a form builder that integrates with the Umbraco content management system. It is related to the 'Send email'...
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...