Arnehildrum

**Name of the Vulnerable Software and Affected Versions** Umbraco versions prior to 10.8.10 Umbraco versions prior to 13.8.1 **Description** The issue allows an attacker to determine whether an account exists based on an analysis of the timing of post login API responses. No known workarounds are available. **Recommendations** For versions prior to 10.8.10, update to version 10.8.10 or later. For versions prior to 13.8.1, update to version 13.8.1 or later.