Umbraco HQ announced a high-severity security issue affecting versions of Umbraco from Umbraco 10 to Umbraco 12.  All customers are advised to have their sites updated with the available patches.  Umbraco Cloud hosted sites are not affected.

It's also possible that Umbraco 9 is also affected, however there will be no patch due to Umbraco 9 being out of support.  It's recommended to upgrade sites running on Umbraco 9 to at least the latest Umbraco 10 LTS version.

We do know that sites running on Umbraco Cloud are not affected; we also know that the exploit can be mitigated by ensuring Automatic Upgrades is enabled.

Key Facts

  • All sites using the Unattended Install feature are not subject to the vulnerability.
  • Umbraco Cloud are not affected by the vulnerability, but will be upgraded regardless by Umbraco.
  • Sites running Umbraco 9 are very likely to be affected by the vulnerability, but will not receive a fix as it's out of support.

Details on the vulnerability and how to upgrade can be found on Umbraco HQ's blog here: Umbraco Security Advisory, July 13, 2023.

If you would like support or assistance in upgrading your site reach out to us and we'll be glad to help.

Robert Foster Robert Foster By Robert Foster
Share this article... Twitter Facebook LinkedIn
Interested in keeping your Umbraco investment up to date?  Have a look at our support options and contact us today.
View our Support Packages Talk to us about an upgrade today

Keep Reading

Umbraco Security Advisory 12 December 2023 announced

Umbraco Security Advisory 12 December 2023 announced

Umbraco HQ announced a high-severity security issue affecting versions of Umbraco from Umbraco 8 through to Umbraco 12.  All customers are advised to have their sites updated with the available patches.  Umbraco Cloud hosted sites are affected but will get patched automatically.

Robert Foster Robert Foster Robert Foster
Unlocking Success with User Experience (UX) Best Practices

Unlocking Success with User Experience (UX) Best Practices

User Experience (UX) has become an integral part of building successful digital products and services. In today's competitive landscape, businesses need to prioritise the needs and expectations of their users to deliver delightful experiences. This blog post explores the significance of UX, its benefits, and highlights some of the best practices to ensure exceptional user experiences.

Chris Gregson Chris Gregson Chris Gregson
.NET Maui for cross-platform apps

.NET Maui for cross-platform apps

MAUI is a popular open-source community-driven project. The platform has many contributions from both Microsoft and open-source developers alike, ensuring that any bugs and new features are thoroughly tested and rapidly deployed to the general community.

UX and SEO: Uniting Forces for a Winning Online Strategy

UX and SEO: Uniting Forces for a Winning Online Strategy

UX and SEO, once considered rivals, now dance together in harmony. User Experience (UX) aims to delight visitors, while Search Engine Optimisation (SEO) aims to gain visibility. Finding the right balance between the two has been challenging for marketers and UX designers, but the key lies in integrating these practices from the beginning. In this article, we'll explore how UX and SEO complement each other, their occasional conflicts, and how to find common ground to create solid digital experiences.

Chris Gregson Chris Gregson Chris Gregson
UX Demystified: Why It's a Must-Have for Your Online Success

UX Demystified: Why It's a Must-Have for Your Online Success

In online marketing, some believe that User Experience (UX) is optional, viewing it merely as a way to make things look good. This misconception is dangerous, as UX goes beyond aesthetics – it involves understanding how users think and engage with digital experiences. In today's fast-paced digital landscape, UX design is no longer a "nice-to-have" but a critical component for success. This article explores why UX is indispensable and how it can significantly impact usability, engagement, and performance.

Chris Gregson Chris Gregson Chris Gregson