Cross-Site Scripting (XSS)
umbracocms is vulnerable to stored Cross-site Scripting (XSS). The vulnerability is due to the lack of input sanitization, allowing attackers with access to the backoffice to inject malicious content into a website or application...
Privilege Escalation
umbracocms is vulnerable to Privilege Escalation. The vulnerability exists due to improper access control, which allows an attacker with low-privileged roles to perform unauthorized actions...
Incorrect Authorization
umbracocms is vulnerable to Incorrect Authorization. The vulnerability is due to the ValidateUserAccess function in the ContentSaveValidationAttribute.cs file not performing any checks for specific user permissions, as there is no differentiation between users with 'send for approval' permissions and tho...
Information Disclosure
umbracocms.identityextensions is vulnerable to Information Disclosure. A remote unauthenticated attacker is able to gain access to unauthorized endpoints because access tokens are returned directly in the URL fragment, resulting in disclosure of sensitive information...
Remote Code Execution (RCE)
umbracocms is vulnerable to Remote Code Execution (RCE). Lack of proper checking of supplied user input via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx allows an attacker to upload and execute malicious code on the system...
Remote Code Execution (RCE)
Overview: UmbracoCms is a package that installs Umbraco Cms in your Visual Studio ASP.NET project. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to missing checks, allowing authenticated administrators to exploit this vulnerability via msxsl:script in an...
Arbitrary File Upload
Overview: UmbracoCms is a package that installs Umbraco Cms in your Visual Studio ASP.NET project. Affected versions of this package are vulnerable to Arbitrary File Upload via the Install Packages functionality, leading to Remote Code Execution. Note: As a pre-requisite for exploiting this...
Cross-site Request Forgery (CSRF)
Overview: UmbracoCms is a package that installs Umbraco Cms in your Visual Studio ASP.NET project. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF), which allows an attacker to perform arbitrary web requests with the identity of the victim, e.g. in order to...
Account Takeover
umbracocms is vulnerable to account takeover. The use of ApplicationUrl in ConstructCallbackUrl to build a URL pointing back to the site allows an attacker to poison password reset URLs and perform account takeover...
GHSA-4VP3-VFWW-8648 Incorrect permission enforcement in UmbracoCms
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access...
Privilege Escalation
umbracocms is vulnerable to privilege escalation. A user without Applications.Settings access is able to visit a logviewer endpoint due to incorrect access control in Editors/LogViewerController.cs...
Cross-site Request Forgery (CSRF)
umbracocms is vulnerable to cross-site request forgery (CSRF) attacks. The library does not have any protections against CSRF attacks in the AJAX headers, allowing a malicious user to conduct CSRF attacks...