Bergmania

**Name of the Vulnerable Software and Affected Versions** Umbraco versions 13.x prior to 13.5.2 Umbraco versions 10.x prior to 10.8.7 Umbraco versions 8.x prior to 8.18.15 **Description** There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full screen mode. This issue allows for remote code execution. **Recommendations** For versions 13.x prior to 13.5.2, update to version 13.5.2 to resolve the issue. For versions 10.x prior to 10.8.7, update to version 10.8.7 to resolve the issue. For versions 8.x prior to 8.18.15, update to version 8.18.15 to resolve the issue. As a temporary workaround, consider enabling server-side file validation to strip script tags from a file's content during the file upload process.

**Name of the Vulnerable Software and Affected Versions** Umbraco versions 13.x prior to 13.5.2 Umbraco versions 10.x prior to 10.8.7 **Description** The issue occurs during an explicit sign-out, where the server session is not fully terminated. This affects Umbraco, a free and open source .NET content management system. **Recommendations** For Umbraco versions 13.x prior to 13.5.2, update to version 13.5.2 to resolve the issue. For Umbraco versions 10.x prior to 10.8.7, update to version 10.8.7 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Umbraco versions prior to 14.1.2 **Description** The issue concerns Umbraco, an ASP.NET CMS, where some endpoints in the Management API can return stack trace information even when Umbraco is not in debug mode. This can occur, for example, when paging with negative numbers in some APIs, leading to the leakage of stack traces in case of internal server errors, regardless of the debug setting being disabled. **Recommendations** For versions prior to 14.1.2, update to version 14.1.2 to resolve the issue. As a temporary workaround, consider restricting access to the Management API endpoints that are leaking stack trace information until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** Umbraco CMS versions prior to 14.1.2 **Description** The issue allows an authenticated user to access a few unintended endpoints. This is because a few endpoints in the Umbraco Management API were not properly protected, requiring only authentication. As a result, it was possible to retrieve information from these endpoints using a member token. **Recommendations** For versions prior to 14.1.2, update to version 14.1.2 to resolve the issue. As a temporary workaround, consider restricting access to the unintended endpoints in the Umbraco Management API until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Umbraco versions 8.0.0 through 8.18.9 Umbraco versions 8.18.10 is not affected, but versions prior to 10.7.0 are affected, so Umbraco versions 10.0.0 through 10.6.9 Umbraco versions 12.0.0 through 12.0.9 **Description** A user with access to a specific part of the backoffice is able to inject HTML code into a form where it is not intended. This can be achieved by a person with access to the backoffice and the "users" section, who could send a user invite and inject HTML code into the invite message. **Recommendations** For Umbraco versions 8.0.0 through 8.18.9, update to version 8.18.10 or later. For Umbraco versions 10.0.0 through 10.6.9, update to version 10.7.0 or later. For Umbraco versions 12.0.0 through 12.0.9, update to version 12.1.0 or later.