Lucene search
K

135 matches found

Vulnrichment
Vulnrichment
added 2025/01/07 7:49 a.m.5 views

CVE-2024-11626

Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...

8.4CVSS7.2AI score0.00344EPSS
Exploits0References2
CVE
CVE
added 2025/01/07 7:49 a.m.61 views

CVE-2024-11626

Progress Sitefinity CVE-2024-11626 is an XSS-type vulnerability due to improper input neutralization in the CMS backend page generation. It affects Sitefinity releases 4.0–14.4.8142, 15.0.8200–15.0.8229, 15.1.8300–15.1.8327, and 15.2.8400–15.2.8421. The CVE details are corroborated by NVD, Red Ha...

8.4CVSS8.5AI score0.00344EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/07 7:49 a.m.13 views

CVE-2024-11626

Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...

8.4CVSS0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.3 views

Progress Sitefinity 安全漏洞

Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity, which stems from an error message vulnerability that could lead to information disclosure...

8.4CVSS6.2AI score0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

Progress Sitefinity 安全漏洞

Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity that stems from improper input neutralization during web page generation, resulting in a cross-site scripti...

8.4CVSS5.9AI score0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

Progress Sitefinity 安全漏洞

Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity that stems from the presence of a session expiration vulnerability that allows session repair...

8.4CVSS6.4AI score0.00344EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.5 views

PT-2025-1671 · Progress · Sitefinity

Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 4.0 through 14.4.8142 Progress Sitefinity versions 15.0.8200 through 15.0.8229 Progress Sitefinity versions 15.1.8300 through 15.1.8327 Progress Sitefinity versions 15.2.8400 through 15.2.8421 Description: The iss...

8.4CVSS5.4AI score0.00344EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/07/08 12:0 a.m.6 views

Progress Sitefinity Security Breach

Progress Software Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress Software, USA. A security vulnerability exists in Progress Sitefinity 15.1.8321.0 and earlier versions, which could allow users to be redirected to an arbitrary site...

5.3CVSS6.8AI score0.00384EPSS
Exploits0References3
NVD
NVD
added 2024/06/16 9:15 p.m.42 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...

6.5CVSS0.01302EPSS
Exploits4References2
OSV
OSV
added 2024/06/16 9:15 p.m.5 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...

5.4CVSS5.8AI score0.01302EPSS
Exploits4References2
CVE
CVE
added 2024/06/16 12:0 a.m.64 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows Cross‑Site Scripting (XSS) by authenticated users via the SF Editor’s content form. Affected component: SF Editor in Sitefinity; vulnerability arises in input handling within the editor, enabling script execution when payloads are submitted and viewed. Imp...

6.5CVSS6AI score0.01302EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.35 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...

0.01302EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.15 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...

5.9AI score0.01302EPSS
Exploits4References2
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.3 views

Progress Sitefinity Cross-Site Scripting Vulnerability

Progress Sitefinity is an open source platform for building corporate websites and intranets. A cross-site scripting vulnerability exists in Progress Sitefinity due to cross-site scripting in the page editing area...

8.8CVSS6.1AI score0.005EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.6 views

Progress Sitefinity Security Breach

Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity, which can be exploited to obtain sensitive information through the site administrative area by a user with access to the Sitefinity backend...

8.8CVSS6.3AI score0.005EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/20 12:0 a.m.3 views

Progress Sitefinity Input Validation Error Vulnerability

Progress Sitefinity is an open source platform for building corporate websites and intranets. Progress Sitefinity has an input validation error vulnerability that originates from a malicious user who may use the system to distribute phishing emails...

4.7CVSS6.8AI score0.00379EPSS
Exploits0References4
OSV
OSV
added 2023/04/10 3:15 p.m.3 views

CVE-2023-29376

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

5.4CVSS5.8AI score0.00414EPSS
Exploits0References2
NVD
NVD
added 2023/04/10 3:15 p.m.25 views

CVE-2023-29376

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

5.4CVSS5.2AI score0.00414EPSS
Exploits0References2
NVD
NVD
added 2023/04/10 3:15 p.m.18 views

CVE-2023-29375

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

9.8CVSS9.5AI score0.00797EPSS
Exploits0References2
Prion
Prion
added 2023/04/10 3:15 p.m.32 views

Code injection

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

4.9CVSS5.2AI score0.00414EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder