📦 Umbraco Forms

This vulnerability allows unauthenticated attackers to upload malicious web.config and ASP files through Umbraco Forms, leading to arbitrary code execution on the server. It affects Umbraco Forms vers...

This vulnerability allows authenticated attackers in UmbracoForms to execute arbitrary code by supplying a malicious WSDL URL as a data source. It affects all UmbracoForms installations up to version ...

This vulnerability allows authenticated Umbraco backoffice users to perform path traversal attacks, enabling them to enumerate and read arbitrary files on the server filesystem. It affects Umbraco For...

Umbraco.Forms has a vulnerability where character limits for form fields are only enforced client-side, not server-side. This allows attackers to bypass input validation by submitting data exceeding c...