We have a potential client who is interested in using Umbraco. They are in the security industry and are understandably interested in that area as it relates to a new CMS. They asked about Umbraco's "security track record". I know the community takes security very seriously and a hardened server infrastructure and proper configuration are just as important.
But have there been any high profile security breaches that anyone knows about that were a result of a flaw in the code?
Lee Kelleher has an archive page where the different known security issues are also mentioned with a link to the official statement from Umbraco HQ - You can find it here http://code.leekelleher.com/umbraco/archive/
HQ has been responding very fast each time flaws has been found and are always listening if somebody finds a breach.
Umbraco Security history
We have a potential client who is interested in using Umbraco. They are in the security industry and are understandably interested in that area as it relates to a new CMS. They asked about Umbraco's "security track record". I know the community takes security very seriously and a hardened server infrastructure and proper configuration are just as important.
But have there been any high profile security breaches that anyone knows about that were a result of a flaw in the code?
Thanks!
Hi Solomon
Lee Kelleher has an archive page where the different known security issues are also mentioned with a link to the official statement from Umbraco HQ - You can find it here http://code.leekelleher.com/umbraco/archive/
HQ has been responding very fast each time flaws has been found and are always listening if somebody finds a breach.
I hope this helps answering your question.
/Jan
is working on a reply...