Umbraco Cms@13.0 Security Vulnerabilities and Issues — Umbraco Cms@13.0 CVE List

Lucene search

UmbracoUmbraco Cms13.0

3 matches found

CVE•added 2024/10/22 4:15 p.m.•48 views

CVE-2024-48927

Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full sc...

4.6CVSS5.3AI score0.0012EPSS

CVE•added 2024/10/22 4:15 p.m.•46 views

CVE-2024-48929

Umbraco is a free and open source .NET content management system. In versions on the 13.x branch prior to 13.5.2 and versions on the 10.x branch prior to 10.8.7, during an explicit sign-out, the server session is not fully terminated. Versions 13.5.2 and 10.8.7 contain a patch for the issue.

4.2CVSS4.4AI score0.00105EPSS

CVE•added 2024/10/22 4:15 p.m.•37 views

CVE-2024-48926

Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server sessi...

4.2CVSS4.3AI score0.00105EPSS