Umbraco

Umbraco

The official profile for Umbraco - The Friendly OpenSource ASP.NET CMS. Managed by Umbraco HQ.

https://umbraco.com

#security

UMB.FYI
2025-01-22

📰 Security Advisory, January 21, 2025 - Patches for Umbraco CMS are now available

Umbraco versions 10.0.0-10.8.7, 13.0.0-13.5.2, and 14.0.0-15.1.1 have moderate-severity vulnerabilities, while Umbraco 8 and below are unaffected. Patches are available for the latest minor versions, and Umbraco Cloud sites will receive automatic updates. Vulnerabilities include XSS and user enumeration issues.

#security
UMB.FYI
2024-10-23

📰 Security Advisory, October 22, 2024 - Patches for Umbraco CMS are now available

Umbraco versions 8.0.0 to 14.3.0 are affected by various medium-severity vulnerabilities, requiring users to upgrade to the latest minor versions for patches. Vulnerabilities include stored XSS and potential code execution risks, necessitating authenticated access for exploitation. Users are encouraged to enable automatic minor upgrades for enhanced security.

#security
UMB.FYI
Archive Polls Tips Firehose Privacy About

UMB.FYI is built with ❤ by the Umbraco community and is not affiliated with Umbraco HQ