Umbraco

🚨 Security Advisory, March 11 , 2025 - Patches for Umbraco CMS are now available

Umbraco has released patches for versions 10.0.0 - 10.8.8 and 13.0.0 - 13.7.0, as well as 14.0.0 - 14.3.2 and 15.0.0 - 15.2.2, to address high-severity vulnerabilities related to the ImageSharp dependency. Users are advised to update to the latest minor versions for optimal security.

💬 Umbraco CMS patches available for two moderate-severity security vulnerabilities

📰 Security Advisory, January 21, 2025 - Patches for Umbraco CMS are now available

Umbraco versions 10.0.0-10.8.7, 13.0.0-13.5.2, and 14.0.0-15.1.1 have moderate-severity vulnerabilities, while Umbraco 8 and below are unaffected. Patches are available for the latest minor versions, and Umbraco Cloud sites will receive automatic updates. Vulnerabilities include XSS and user enumeration issues.

📰 Security Advisory, October 22, 2024 - Patches for Umbraco CMS are now available

Umbraco versions 8.0.0 to 14.3.0 are affected by various medium-severity vulnerabilities, requiring users to upgrade to the latest minor versions for patches. Vulnerabilities include stored XSS and potential code execution risks, necessitating authenticated access for exploitation. Users are encouraged to enable automatic minor upgrades for enhanced security.