Filtered by vendor Umbraco
Subscriptions
Filtered by product Umbraco Forms
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33224 | 1 Umbraco | 1 Umbraco Forms | 2023-03-06 | 9.8 Critical |
| File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file. | ||||
| CVE-2020-7685 | 1 Umbraco | 1 Umbraco Forms | 2023-03-02 | 7.5 High |
| This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies. | ||||
Page 1 of 1.