How severe is CVE-2025-23041?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2025-23041?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2025-23041 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue.

Related Vulnerabilities

CVE-2015-7282

MEDIUM

CVSS:5.8(Medium)

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the des...

CWE-202015

CVE-2015-7794

MEDIUM

CVSS:5.8(Medium)

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.

CWE-202015

CVE-2017-0179

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a...

CWE-202017

CVE-2017-0182

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server ...

CWE-202017

CVE-2017-0183

MEDIUM

CVSS:5.8(Medium)

CWE-202017

CVE-2017-0185

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fai...

CWE-202017