Umbraco HQ announced a high-severity security issue affecting versions of Umbraco from Umbraco 8 through to Umbraco 12.  All customers are advised to have their sites updated with the available patches.  Umbraco Cloud hosted sites are affected and will be patched automatically.

It's also possible that Umbraco 7 and 9 is also affected, however there will be no patch due to Umbraco 9 being out of support.  It's recommended to upgrade sites running on Umbraco 9 to at least the latest Umbraco 10 LTS version.

Key Facts

  • All sites using the Unattended Install feature are not subject to the vulnerability.
  • Umbraco Cloud are affected by the vulnerability, but will be upgraded automatically by Umbraco.
  • Sites running Umbraco 7 and 9 are very likely to be affected by the vulnerability, but will not receive a fix as it's out of support.

Details on the vulnerability and how to upgrade can be found on Umbraco HQ's blog here: Security Advisory: Security patches for Umbraco 8, 10, 11, and 12 now available

If you would like support or assistance in upgrading your site reach out to us and we'll be glad to help.

Robert Foster Robert Foster By Robert Foster

Share this article... Twitter Facebook LinkedIn
Interested in keeping your Umbraco investment up to date?  Have a look at our support options and contact us today.

Keep Reading