Umbraco HQ announced a high-severity security issue affecting versions of Umbraco from Umbraco 8 through to Umbraco 12. All customers are advised to have their sites updated with the available patches. Umbraco Cloud hosted sites are affected and will be patched automatically.
It's also possible that Umbraco 7 and 9 is also affected, however there will be no patch due to Umbraco 9 being out of support. It's recommended to upgrade sites running on Umbraco 9 to at least the latest Umbraco 10 LTS version.
Details on the vulnerability and how to upgrade can be found on Umbraco HQ's blog here: Security Advisory: Security patches for Umbraco 8, 10, 11, and 12 now available
If you would like support or assistance in upgrading your site reach out to us and we'll be glad to help.