Total vulnerabilities in the database
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.1.0, a user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. Versions 8.18.10, 10.7.0, and 12.1.0 contain a patch for this issue.
Software | From | Fixed in |
---|---|---|
![]() |
8.0.0 | 8.18.10 |
![]() |
9.0.0 | 10.7.0 |
![]() |
11.0.0 | 12.1.0 |
umbraco / umbraco_cms | 8.0.0 | 8.18.10 |
umbraco / umbraco_cms | 9.0.0 | 10.7.0 |
umbraco / umbraco_cms | 11.0.0 | 12.1.0 |