CVE-2021-37334

Umbraco Forms versions 4.0.0 through 8.7.5 (and older) are vulnerable to remote code execution and arbitrary file deletion due to file-extension validation occurring after files are stored in a temporary directory (%BASEDIR%/APP_DATA/TEMP/FileUploads/). The web.config protections restricting this...