RSS   Vulnerabilities for 'Umbracoforms'   RSS

2020-07-28
 
CVE-2020-7685

CWE-1188
 

 
This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.

 

 >>> Vendor: Umbraco 4 Products
Umbraco cms
Umbraco
Umbracos
Umbracoforms


Copyright 2024, cxsecurity.com

 

Back to Top