Filtered by vendor Umbraco
Subscriptions
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-48925 | 1 Umbraco | 1 Umbraco Cms | 2024-10-25 | 0 Low |
| Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to access the webhook API and retrieve information that should be restricted to users with access to the settings section. Version 14.3.0 contains a patch. | ||||
| CVE-2024-43377 | 1 Umbraco | 1 Umbraco Cms | 2024-09-03 | 5.4 Medium |
| Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few unintended endpoints. This issue is fixed in 14.1.2. | ||||
| CVE-2024-43376 | 1 Umbraco | 1 Umbraco Cms | 2024-08-26 | 4.3 Medium |
| Umbraco is an ASP.NET CMS. Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. This vulnerability is fixed in 14.1.2. | ||||