278 matches found
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
Design/Logic Flaw
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
Code injection
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
Progress Sitefinity 跨站脚本漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
PT-2023-22232 · Progress · Progress Sitefinity
Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...
CVE-2023-29375
Progress Sitefinity (versions 13.3 up to 13.3.7647, 14.0 up to 14.0.7736, 14.1 up to 14.1.7826, 14.2 up to 14.2.7930, and 14.3 up to 14.3.8025) is affected by a vulnerability allowing potentially dangerous file uploads via the SharePoint connector. The underlying issue is a file-upload risk expos...
Progress Sitefinity 代码问题漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
PT-2023-22233 · Progress · Sitefinity
Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...
CVE-2023-29376
Product affected: Progress Sitefinity (versions 13.3.x up to 13.3.7646; 14.0 up to 14.0.7735; 14.1 up to 14.1.7825; 14.2 up to 14.2.7929; 14.3 up to 14.3.8024).** Vulnerability: Cross-site scripting (XSS) by privileged users targeting media libraries.** CVE: CVE-2023-29376.** Root cause / impact ...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability
Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey, perform cross-site-scripting XSS attacks, compromise the ASP.NET ViewState,...
VulnCheck KEV: CVE-2017-9248
Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey, perform cross-site-scripting XSS attacks, compromise the ASP.NET...
Unspecified Vulnerability in Progress Sitefinity CMS
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity version 12.1, which stems from the program's use of a weak password recovery mechanism when retrieving passwords. The vulnerability can be exploited...
CVE-2019-17392
Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled...
CVE-2019-17392
Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled...