Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for umbraco_forms by umbraco

    CVE-2026-24687 (GCVE-0-2026-24687)

    Vulnerability from nvd – Published: 2026-01-29 19:57 – Updated: 2026-01-29 20:47
    VLAI
    Title
    Umbraco.Forms has path traversal and file enumeration vulnerability in Linux/Mac
    Summary
    Umbraco Forms is a form builder that integrates with the Umbraco content management system. It's possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems filesystem and read their contents, on Mac/Linux Umbraco installations using Forms. As Umbraco Cloud runs in a Windows environment, Cloud users aren't affected. This issue affects versions 16 and 17 of Umbraco Forms and is patched in 16.4.1 and 17.1.1. If upgrading is not immediately possible, users can mitigate this vulnerability by configuring a WAF or reverse proxy to block requests containing path traversal sequences (`../`, `..\`) in the `fileName` parameter of the export endpoint, restricting network access to the Umbraco backoffice to trusted IP ranges, and/or blocking the `/umbraco/forms/api/v1/export` endpoint entirely if the export feature is not required. However, upgrading to the patched version is strongly recommended.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 16.0.0, < 16.4.1
    Affected: >= 17.0.0, < 17.1.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24687",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T20:39:36.519302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T20:47:23.180Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.4.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 17.0.0, \u003c 17.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Forms is a form builder that integrates with the Umbraco content management system. It\u0027s possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems filesystem and read their contents, on Mac/Linux Umbraco installations using Forms. As Umbraco Cloud runs in a Windows environment, Cloud users aren\u0027t affected. This issue affects versions 16 and 17 of Umbraco Forms and is patched in 16.4.1 and 17.1.1. If upgrading is not immediately possible, users can mitigate this vulnerability by configuring a WAF or reverse proxy to block requests containing path traversal sequences (`../`, `..\\`) in the `fileName` parameter of the export endpoint, restricting network access to the Umbraco backoffice to trusted IP ranges, and/or blocking the `/umbraco/forms/api/v1/export` endpoint entirely if the export feature is not required. However, upgrading to the patched version is strongly recommended."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T19:57:24.484Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-hm5p-82g6-m3xh",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-hm5p-82g6-m3xh"
            }
          ],
          "source": {
            "advisory": "GHSA-hm5p-82g6-m3xh",
            "discovery": "UNKNOWN"
          },
          "title": "Umbraco.Forms has path traversal and file enumeration vulnerability in Linux/Mac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24687",
        "datePublished": "2026-01-29T19:57:24.484Z",
        "dateReserved": "2026-01-23T20:40:23.389Z",
        "dateUpdated": "2026-01-29T20:47:23.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-68924 (GCVE-0-2025-68924)

    Vulnerability from nvd – Published: 2026-01-16 00:00 – Updated: 2026-01-16 19:00 Unsupported When Assigned
    VLAI
    Summary
    In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
    Assigner
    Impacted products
    Vendor Product Version
    Umbraco Forms Affected: 0 , ≤ 8.13.16 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-68924",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T18:59:57.197602Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T19:00:26.430Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "packageURL": "pkg:nuget/UmbracoForms",
              "product": "Forms",
              "vendor": "Umbraco",
              "versions": [
                {
                  "lessThanOrEqual": "8.13.16",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:umbraco:forms:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.13.16",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-829",
                  "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T18:42:31.086Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms/"
            },
            {
              "url": "https://github.com/advisories/GHSA-vrgw-pc9c-qrrc"
            },
            {
              "url": "https://www.nuget.org/packages/UmbracoForms"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-68924",
        "datePublished": "2026-01-16T00:00:00.000Z",
        "dateReserved": "2025-12-24T00:00:00.000Z",
        "dateUpdated": "2026-01-16T19:00:26.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47280 (GCVE-0-2025-47280)

    Vulnerability from nvd – Published: 2025-05-13 17:06 – Updated: 2025-05-13 17:36
    VLAI
    Title
    Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
    Summary
    Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address, potentially bypassing spam and email client security systems. This issue affects all (supported) versions Umbraco Forms and is patched in 13.4.2 and 15.1.2. Unpatched or unsupported versions can workaround this issue by using the `Send email with template (Razor)` workflow instead or writing a custom workflow type. To avoid accidentally using the vulnerable workflow again, the `SendEmail` workflow type can be removed using a composer available in the GitHub Security Advisory for this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 7.0.0, < 13.4.2
    Affected: >= 15.0.0, < 15.1.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T17:36:31.057513Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T17:36:37.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 7.0.0, \u003c 13.4.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 15.0.0, \u003c 15.1.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the \u0027Send email\u0027 workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address, potentially bypassing spam and email client security systems. This issue affects all (supported) versions Umbraco Forms and is patched in 13.4.2 and 15.1.2. Unpatched or unsupported versions can workaround this issue by using the `Send email with template (Razor)` workflow instead or writing a custom workflow type. To avoid accidentally using the vulnerable workflow again, the `SendEmail` workflow type can be removed using a composer available in the GitHub Security Advisory for this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:H/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116: Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T17:06:56.715Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-2qrj-g9hq-chph",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-2qrj-g9hq-chph"
            }
          ],
          "source": {
            "advisory": "GHSA-2qrj-g9hq-chph",
            "discovery": "UNKNOWN"
          },
          "title": "Umbraco.Forms has HTML injection vulnerability in \u0027Send email\u0027 workflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-47280",
        "datePublished": "2025-05-13T17:06:56.715Z",
        "dateReserved": "2025-05-05T16:53:10.373Z",
        "dateUpdated": "2025-05-13T17:36:37.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23041 (GCVE-0-2025-23041)

    Vulnerability from nvd – Published: 2025-01-14 18:54 – Updated: 2025-01-14 20:44
    VLAI
    Title
    Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms
    Summary
    Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: < 8.13.16
    Affected: >= 10.0.0, < 10.5.7
    Affected: >= 11.0.0, < 13.2.2
    Affected: >= 14.0.0, < 14.1.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23041",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-14T20:43:43.541022Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-14T20:44:40.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 8.13.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 10.5.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 11.0.0, \u003c 13.2.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 14.0.0, \u003c 14.1.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-14T18:54:45.430Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-9v8m-qv22-f268",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-9v8m-qv22-f268"
            }
          ],
          "source": {
            "advisory": "GHSA-9v8m-qv22-f268",
            "discovery": "UNKNOWN"
          },
          "title": "Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-23041",
        "datePublished": "2025-01-14T18:54:45.430Z",
        "dateReserved": "2025-01-10T15:11:08.883Z",
        "dateUpdated": "2025-01-14T20:44:40.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-35239 (GCVE-0-2024-35239)

    Vulnerability from nvd – Published: 2024-05-28 20:15 – Updated: 2024-08-02 03:07
    VLAI
    Title
    Stored Cross-site Scripting on Components of Umbraco Forms
    Summary
    Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 13.0.0, < 13.0.1
    Affected: >= 12.0.0, < 12.2.2
    Affected: >= 10.0.0, < 10.5.3
    Affected: < 8.13.13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-35239",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T20:41:29.769321Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T20:42:39.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:07:46.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.0.0, \u003c 13.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 12.0.0, \u003c 12.2.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 10.5.3"
                },
                {
                  "status": "affected",
                  "version": "\u003c 8.13.13 "
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-28T20:15:28.512Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024"
            }
          ],
          "source": {
            "advisory": "GHSA-p572-p2rj-q5f4",
            "discovery": "UNKNOWN"
          },
          "title": "Stored Cross-site Scripting on Components of Umbraco Forms"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-35239",
        "datePublished": "2024-05-28T20:15:28.512Z",
        "dateReserved": "2024-05-14T15:39:41.786Z",
        "dateUpdated": "2024-08-02T03:07:46.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33224 (GCVE-0-2021-33224)

    Vulnerability from nvd – Published: 2023-02-24 00:00 – Updated: 2025-03-12 13:55
    VLAI
    Summary
    File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:20.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://umbraco.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-33224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T13:55:39.606719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T13:55:53.583Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-24T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "http://umbraco.com"
            },
            {
              "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-33224",
        "datePublished": "2023-02-24T00:00:00.000Z",
        "dateReserved": "2021-05-20T00:00:00.000Z",
        "dateUpdated": "2025-03-12T13:55:53.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7685 (GCVE-0-2020-7685)

    Vulnerability from nvd – Published: 2020-07-28 16:25 – Updated: 2024-09-16 17:14
    VLAI
    Title
    Insecure Defaults
    Summary
    This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.
    CWE
    • Insecure Defaults
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a UmbracoForms Affected: 0 , < unspecified (custom)
    Date Public
    2020-07-28 00:00
    Credits
    Adrian Gigliotti from Shearwater Solutions
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:41:00.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "UmbracoForms",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "unspecified",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Adrian Gigliotti from Shearwater Solutions"
            }
          ],
          "datePublic": "2020-07-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insecure Defaults",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-28T16:25:15.000Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
            }
          ],
          "title": "Insecure Defaults",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "report@snyk.io",
              "DATE_PUBLIC": "2020-07-28T16:21:04.556452Z",
              "ID": "CVE-2020-7685",
              "STATE": "PUBLIC",
              "TITLE": "Insecure Defaults"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "UmbracoForms",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_value": "0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Adrian Gigliotti from Shearwater Solutions"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure Defaults"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2020-7685",
        "datePublished": "2020-07-28T16:25:15.127Z",
        "dateReserved": "2020-01-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:14:53.209Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-24687 (GCVE-0-2026-24687)

    Vulnerability from cvelistv5 – Published: 2026-01-29 19:57 – Updated: 2026-01-29 20:47
    VLAI
    Title
    Umbraco.Forms has path traversal and file enumeration vulnerability in Linux/Mac
    Summary
    Umbraco Forms is a form builder that integrates with the Umbraco content management system. It's possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems filesystem and read their contents, on Mac/Linux Umbraco installations using Forms. As Umbraco Cloud runs in a Windows environment, Cloud users aren't affected. This issue affects versions 16 and 17 of Umbraco Forms and is patched in 16.4.1 and 17.1.1. If upgrading is not immediately possible, users can mitigate this vulnerability by configuring a WAF or reverse proxy to block requests containing path traversal sequences (`../`, `..\`) in the `fileName` parameter of the export endpoint, restricting network access to the Umbraco backoffice to trusted IP ranges, and/or blocking the `/umbraco/forms/api/v1/export` endpoint entirely if the export feature is not required. However, upgrading to the patched version is strongly recommended.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 16.0.0, < 16.4.1
    Affected: >= 17.0.0, < 17.1.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24687",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T20:39:36.519302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T20:47:23.180Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.4.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 17.0.0, \u003c 17.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Forms is a form builder that integrates with the Umbraco content management system. It\u0027s possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems filesystem and read their contents, on Mac/Linux Umbraco installations using Forms. As Umbraco Cloud runs in a Windows environment, Cloud users aren\u0027t affected. This issue affects versions 16 and 17 of Umbraco Forms and is patched in 16.4.1 and 17.1.1. If upgrading is not immediately possible, users can mitigate this vulnerability by configuring a WAF or reverse proxy to block requests containing path traversal sequences (`../`, `..\\`) in the `fileName` parameter of the export endpoint, restricting network access to the Umbraco backoffice to trusted IP ranges, and/or blocking the `/umbraco/forms/api/v1/export` endpoint entirely if the export feature is not required. However, upgrading to the patched version is strongly recommended."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-29T19:57:24.484Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-hm5p-82g6-m3xh",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-hm5p-82g6-m3xh"
            }
          ],
          "source": {
            "advisory": "GHSA-hm5p-82g6-m3xh",
            "discovery": "UNKNOWN"
          },
          "title": "Umbraco.Forms has path traversal and file enumeration vulnerability in Linux/Mac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-24687",
        "datePublished": "2026-01-29T19:57:24.484Z",
        "dateReserved": "2026-01-23T20:40:23.389Z",
        "dateUpdated": "2026-01-29T20:47:23.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-68924 (GCVE-0-2025-68924)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:00 – Updated: 2026-01-16 19:00 Unsupported When Assigned
    VLAI
    Summary
    In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
    Assigner
    Impacted products
    Vendor Product Version
    Umbraco Forms Affected: 0 , ≤ 8.13.16 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-68924",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T18:59:57.197602Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T19:00:26.430Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "packageURL": "pkg:nuget/UmbracoForms",
              "product": "Forms",
              "vendor": "Umbraco",
              "versions": [
                {
                  "lessThanOrEqual": "8.13.16",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:umbraco:forms:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "8.13.16",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-829",
                  "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T18:42:31.086Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms/"
            },
            {
              "url": "https://github.com/advisories/GHSA-vrgw-pc9c-qrrc"
            },
            {
              "url": "https://www.nuget.org/packages/UmbracoForms"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-68924",
        "datePublished": "2026-01-16T00:00:00.000Z",
        "dateReserved": "2025-12-24T00:00:00.000Z",
        "dateUpdated": "2026-01-16T19:00:26.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47280 (GCVE-0-2025-47280)

    Vulnerability from cvelistv5 – Published: 2025-05-13 17:06 – Updated: 2025-05-13 17:36
    VLAI
    Title
    Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
    Summary
    Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address, potentially bypassing spam and email client security systems. This issue affects all (supported) versions Umbraco Forms and is patched in 13.4.2 and 15.1.2. Unpatched or unsupported versions can workaround this issue by using the `Send email with template (Razor)` workflow instead or writing a custom workflow type. To avoid accidentally using the vulnerable workflow again, the `SendEmail` workflow type can be removed using a composer available in the GitHub Security Advisory for this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 7.0.0, < 13.4.2
    Affected: >= 15.0.0, < 15.1.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T17:36:31.057513Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T17:36:37.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 7.0.0, \u003c 13.4.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 15.0.0, \u003c 15.1.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the \u0027Send email\u0027 workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address, potentially bypassing spam and email client security systems. This issue affects all (supported) versions Umbraco Forms and is patched in 13.4.2 and 15.1.2. Unpatched or unsupported versions can workaround this issue by using the `Send email with template (Razor)` workflow instead or writing a custom workflow type. To avoid accidentally using the vulnerable workflow again, the `SendEmail` workflow type can be removed using a composer available in the GitHub Security Advisory for this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:H/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116: Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T17:06:56.715Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-2qrj-g9hq-chph",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-2qrj-g9hq-chph"
            }
          ],
          "source": {
            "advisory": "GHSA-2qrj-g9hq-chph",
            "discovery": "UNKNOWN"
          },
          "title": "Umbraco.Forms has HTML injection vulnerability in \u0027Send email\u0027 workflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-47280",
        "datePublished": "2025-05-13T17:06:56.715Z",
        "dateReserved": "2025-05-05T16:53:10.373Z",
        "dateUpdated": "2025-05-13T17:36:37.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23041 (GCVE-0-2025-23041)

    Vulnerability from cvelistv5 – Published: 2025-01-14 18:54 – Updated: 2025-01-14 20:44
    VLAI
    Title
    Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms
    Summary
    Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: < 8.13.16
    Affected: >= 10.0.0, < 10.5.7
    Affected: >= 11.0.0, < 13.2.2
    Affected: >= 14.0.0, < 14.1.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23041",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-14T20:43:43.541022Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-14T20:44:40.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 8.13.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 10.5.7"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 11.0.0, \u003c 13.2.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 14.0.0, \u003c 14.1.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-14T18:54:45.430Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-9v8m-qv22-f268",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-9v8m-qv22-f268"
            }
          ],
          "source": {
            "advisory": "GHSA-9v8m-qv22-f268",
            "discovery": "UNKNOWN"
          },
          "title": "Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-23041",
        "datePublished": "2025-01-14T18:54:45.430Z",
        "dateReserved": "2025-01-10T15:11:08.883Z",
        "dateUpdated": "2025-01-14T20:44:40.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-35239 (GCVE-0-2024-35239)

    Vulnerability from cvelistv5 – Published: 2024-05-28 20:15 – Updated: 2024-08-02 03:07
    VLAI
    Title
    Stored Cross-site Scripting on Components of Umbraco Forms
    Summary
    Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    umbraco Umbraco.Forms.Issues Affected: >= 13.0.0, < 13.0.1
    Affected: >= 12.0.0, < 12.2.2
    Affected: >= 10.0.0, < 10.5.3
    Affected: < 8.13.13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-35239",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T20:41:29.769321Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T20:42:39.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:07:46.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes"
              },
              {
                "name": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Umbraco.Forms.Issues",
              "vendor": "umbraco",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.0.0, \u003c 13.0.1"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 12.0.0, \u003c 12.2.2"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 10.5.3"
                },
                {
                  "status": "affected",
                  "version": "\u003c 8.13.13 "
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-28T20:15:28.512Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-p572-p2rj-q5f4"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes"
            },
            {
              "name": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024"
            }
          ],
          "source": {
            "advisory": "GHSA-p572-p2rj-q5f4",
            "discovery": "UNKNOWN"
          },
          "title": "Stored Cross-site Scripting on Components of Umbraco Forms"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-35239",
        "datePublished": "2024-05-28T20:15:28.512Z",
        "dateReserved": "2024-05-14T15:39:41.786Z",
        "dateUpdated": "2024-08-02T03:07:46.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33224 (GCVE-0-2021-33224)

    Vulnerability from cvelistv5 – Published: 2023-02-24 00:00 – Updated: 2025-03-12 13:55
    VLAI
    Summary
    File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:20.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://umbraco.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-33224",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T13:55:39.606719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T13:55:53.583Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-24T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "http://umbraco.com"
            },
            {
              "url": "https://our.umbraco.com/packages/developer-tools/umbraco-forms"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-33224",
        "datePublished": "2023-02-24T00:00:00.000Z",
        "dateReserved": "2021-05-20T00:00:00.000Z",
        "dateUpdated": "2025-03-12T13:55:53.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7685 (GCVE-0-2020-7685)

    Vulnerability from cvelistv5 – Published: 2020-07-28 16:25 – Updated: 2024-09-16 17:14
    VLAI
    Title
    Insecure Defaults
    Summary
    This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.
    CWE
    • Insecure Defaults
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a UmbracoForms Affected: 0 , < unspecified (custom)
    Date Public
    2020-07-28 00:00
    Credits
    Adrian Gigliotti from Shearwater Solutions
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:41:00.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "UmbracoForms",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "unspecified",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Adrian Gigliotti from Shearwater Solutions"
            }
          ],
          "datePublic": "2020-07-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insecure Defaults",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-28T16:25:15.000Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
            }
          ],
          "title": "Insecure Defaults",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "report@snyk.io",
              "DATE_PUBLIC": "2020-07-28T16:21:04.556452Z",
              "ID": "CVE-2020-7685",
              "STATE": "PUBLIC",
              "TITLE": "Insecure Defaults"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "UmbracoForms",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_value": "0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Adrian Gigliotti from Shearwater Solutions"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure Defaults"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2020-7685",
        "datePublished": "2020-07-28T16:25:15.127Z",
        "dateReserved": "2020-01-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:14:53.209Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }