135 matches found
CVE-2024-11626
Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...
CVE-2024-11626
Progress Sitefinity CVE-2024-11626 is an XSS-type vulnerability due to improper input neutralization in the CMS backend page generation. It affects Sitefinity releases 4.0–14.4.8142, 15.0.8200–15.0.8229, 15.1.8300–15.1.8327, and 15.2.8400–15.2.8421. The CVE details are corroborated by NVD, Red Ha...
CVE-2024-11626
Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...
Progress Sitefinity 安全漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity, which stems from an error message vulnerability that could lead to information disclosure...
Progress Sitefinity 安全漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity that stems from improper input neutralization during web page generation, resulting in a cross-site scripti...
Progress Sitefinity 安全漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity that stems from the presence of a session expiration vulnerability that allows session repair...
PT-2025-1671 · Progress · Sitefinity
Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 4.0 through 14.4.8142 Progress Sitefinity versions 15.0.8200 through 15.0.8229 Progress Sitefinity versions 15.1.8300 through 15.1.8327 Progress Sitefinity versions 15.2.8400 through 15.2.8421 Description: The iss...
Progress Sitefinity Security Breach
Progress Software Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress Software, USA. A security vulnerability exists in Progress Sitefinity 15.1.8321.0 and earlier versions, which could allow users to be redirected to an arbitrary site...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows Cross‑Site Scripting (XSS) by authenticated users via the SF Editor’s content form. Affected component: SF Editor in Sitefinity; vulnerability arises in input handling within the editor, enabling script execution when payloads are submitted and viewed. Imp...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...
Progress Sitefinity Cross-Site Scripting Vulnerability
Progress Sitefinity is an open source platform for building corporate websites and intranets. A cross-site scripting vulnerability exists in Progress Sitefinity due to cross-site scripting in the page editing area...
Progress Sitefinity Security Breach
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity, which can be exploited to obtain sensitive information through the site administrative area by a user with access to the Sitefinity backend...
Progress Sitefinity Input Validation Error Vulnerability
Progress Sitefinity is an open source platform for building corporate websites and intranets. Progress Sitefinity has an input validation error vulnerability that originates from a malicious user who may use the system to distribute phishing emails...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
Code injection
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...