We operate with a number of severity levels. Below you’ll find a description of the severity levels as well as definitions and examples hereof:

Severity 1 (highest)

  • Umbraco CMS security defect affecting site integrity and/or access to the publishing/editing API.
  • Umbraco CMS defect causing non-availability to site/publishing.
  • Courier defect preventing publishing of time-critical content without a workaround.  

Severity 2

  • Umbraco CMS security defect not affecting site integrity but vulnerability.
  • Umbraco CMS defect causing intermittent site access issues – such as for some users.
  • Courier defect affecting publishing of content.

Severity 3

  • Umbraco CMS defect causing performance issues related to the Umbraco CMS code base.
  • Courier security issue or other issues related to non-public access to Courier – back office.

Severity 4

  • Usage - such as UX, plug-in behaviour, and other UI quirks.
  • Courier performance or usage issues.

Severity 5

  • Ordinary support questions not related to any operational matter.
  • Request for code review and/or architectural advising.


The severity level is decided upon based on mutual agreement.

Want to be updated on everything Umbraco?

Sign up for the Umbraco newsletter and get the latest news and special offers sent directly to your inbox