Lucene search
K

278 matches found

NVD
NVD
added 2023/04/10 3:15 p.m.19 views

CVE-2023-29375

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

9.8CVSS9.5AI score0.00797EPSS
Exploits0References2
NVD
NVD
added 2023/04/10 3:15 p.m.26 views

CVE-2023-29376

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

5.4CVSS5.2AI score0.00414EPSS
Exploits0References2
OSV
OSV
added 2023/04/10 3:15 p.m.5 views

CVE-2023-29375

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

9.8CVSS7.3AI score0.00797EPSS
Exploits0References2
Prion
Prion
added 2023/04/10 3:15 p.m.31 views

Design/Logic Flaw

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

7.5CVSS9.4AI score0.00797EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/04/10 3:15 p.m.32 views

Code injection

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

4.9CVSS5.2AI score0.00414EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.7 views

Progress Sitefinity 跨站脚本漏洞

Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...

5.4CVSS5.6AI score0.00414EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/04/10 12:0 a.m.8 views

CVE-2023-29375

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

9.6AI score0.00797EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.7 views

PT-2023-22232 · Progress · Progress Sitefinity

Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...

9.8CVSS7.3AI score0.00797EPSS
Exploits0References7
CVE
CVE
added 2023/04/10 12:0 a.m.47 views

CVE-2023-29375

Progress Sitefinity (versions 13.3 up to 13.3.7647, 14.0 up to 14.0.7736, 14.1 up to 14.1.7826, 14.2 up to 14.2.7930, and 14.3 up to 14.3.8025) is affected by a vulnerability allowing potentially dangerous file uploads via the SharePoint connector. The underlying issue is a file-upload risk expos...

9.8CVSS9.4AI score0.00797EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.5 views

Progress Sitefinity 代码问题漏洞

Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...

9.8CVSS8.4AI score0.00797EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/04/10 12:0 a.m.7 views

CVE-2023-29376

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

5.2AI score0.00414EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.4 views

PT-2023-22233 · Progress · Sitefinity

Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...

5.4CVSS6.1AI score0.00414EPSS
Exploits0References7
CVE
CVE
added 2023/04/10 12:0 a.m.61 views

CVE-2023-29376

Product affected: Progress Sitefinity (versions 13.3.x up to 13.3.7646; 14.0 up to 14.0.7735; 14.1 up to 14.1.7825; 14.2 up to 14.2.7929; 14.3 up to 14.3.8024).** Vulnerability: Cross-site scripting (XSS) by privileged users targeting media libraries.** CVE: CVE-2023-29376.** Root cause / impact ...

5.4CVSS5.1AI score0.00414EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/10 12:0 a.m.21 views

CVE-2023-29375

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...

9.7AI score0.00797EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/10 12:0 a.m.23 views

CVE-2023-29376

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...

5.4AI score0.00414EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.58 views

Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability

Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey, perform cross-site-scripting XSS attacks, compromise the ASP.NET ViewState,...

9.8CVSS8.7AI score0.75098EPSS
In wildExploits5
VulnCheck KEV
VulnCheck KEV
added 2020/10/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2017-9248

Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey, perform cross-site-scripting XSS attacks, compromise the ASP.NET...

9.8CVSS7.4AI score0.75098EPSS
Exploits5References1
CNVD
CNVD
added 2019/11/27 12:0 a.m.5 views

Unspecified Vulnerability in Progress Sitefinity CMS

Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity version 12.1, which stems from the program's use of a weak password recovery mechanism when retrieving passwords. The vulnerability can be exploited...

9.8CVSS7AI score0.01089EPSS
Exploits0References1
OSV
OSV
added 2019/11/26 6:15 p.m.5 views

CVE-2019-17392

Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled...

9.8CVSS7.3AI score0.01089EPSS
Exploits0References1
NVD
NVD
added 2019/11/26 6:15 p.m.21 views

CVE-2019-17392

Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled...

9.8CVSS9.5AI score0.01089EPSS
Exploits0References1
Rows per page
Query Builder