Identifier

CVE-2020-7685

Package Slug

nuget/umbracoforms

Vulnerability

Insecure Default Initialization of Resource

Description

This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-07-30

source