Umbraco Forms vulnerabilities
2 known vulnerabilities affecting umbraco/forms.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2021-37334P2CRITICALCVSS 9.8≥ 4.0.0, < 4.4.9≥ 6.0.0, < 6.0.10+14 more2021-08-25
CVE-2021-37334 [CRITICAL] CVE-2021-37334: Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw th
Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been stored in a temporary directory. By default, files are stored within the app
nvd
CVE-2025-68924P3HIGHCVSS 7.5≤ 8.13.162026-01-16
CVE-2025-68924 [HIGH] CWE-829 CVE-2025-68924: In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
nvd