You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Authenticated user that has access to edit Forms may inject unsafe code into Forms components.
Patches
Issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13).
RaphaelCSSilva Reporter
Impact
Authenticated user that has access to edit Forms may inject unsafe code into Forms components.
Patches
Issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13).
References
https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024
https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024
https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes
https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values