Vulnerability Database
296,733
Total vulnerabilities in the database
CVE-2025-24012
Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components. Versions 14.3.2 and 15.1.2 contain a patch.
| Software | From | Fixed in |
|---|---|---|
Umbraco.Cms.StaticAssets
|
14.0.0 | 14.3.2 |
|
Umbraco.Cms.StaticAssets
|
15.0.0 | 15.1.2 |
@umbraco-cms / backoffice
|
14.0.0 | 14.3.2 |
|
@umbraco-cms / backoffice
|
15.0.0 | 15.1.2 |
| umbraco / umbraco_cms | 15.0.0 | 15.1.2 |
| umbraco / umbraco_cms | 14.0.0 | 14.3.2 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime