Umbraco · Umbraco Forms · CVE-2020-7685
**Name of the Vulnerable Software and Affected Versions**
UmbracoForms versions (all versions)
**Description**
The issue allows uploading arbitrary file types when using the default configuration for upload forms. Users can mitigate this by creating a custom workflow and frontend validation to block certain file types based on their security needs and policies.
**Recommendations**
For all versions, create a custom workflow and implement frontend validation to block upload of unwanted file types, aligning with your security policies.