Umbraco · Umbraco · CVE-2025-49147
Name of the Vulnerable Software and Affected Versions:
Umbraco versions 10.0.0 through 10.8.10
Umbraco versions 13.0.0 through 13.9.1
Description:
The issue allows an attacker to retrieve information about the configured password requirements via a request to an anonymously authenticated endpoint. This information, although limited, could be useful to someone attempting to derive a user's password by brute force.
Recommendations:
For versions 10.0.0 through 10.8.10, update to version 10.8.11 or later.
For versions 13.0.0 through 13.9.1, update to version 13.9.2 or later.