CVE-2017-18175

2018-02-12T14:29:00
ID CVE-2017-18175
Type cve
Reporter cve@mitre.org
Modified 2018-03-05T19:57:00

Description

Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.