Umbraco Umbraco

4 CVEs affecting Umbraco Umbraco. Latest disclosed: 2026-01-15. Critical: 0, High: 2.

Top CVEs affecting Umbraco Umbraco
CVE	Severity	Score	Published	Summary
`CVE-2015-8814`	High	`8.8`	2017-03-03	Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by…
`CVE-2015-8813`	High	`8.2`	2017-03-03	The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct serve…
`CVE-2015-8815`	Medium	`6.1`	2017-03-03	Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before 7.4.0 allow remote attackers to inject arbitrary web script or HTML via the name paramete…
`CVE-2021-47776`	Medium	`5.3`	2026-01-15	Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help…