Sitefinity@* Security Vulnerabilities and Issues — Sitefinity@* CVE List

Lucene search

ProgressSitefinity*

4 matches found

CVE•added 2017/07/03 7:29 p.m.•1268 views

CVE-2017-9248

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading...

9.8CVSS9.2AI score0.87802EPSS

In wildWeb

CVE•added 2024/02/28 12:15 p.m.•104 views

CVE-2024-1636

Potential Cross-Site Scripting (XSS) in the page editing area.

8CVSS6.9AI score0.02178EPSS

CVE•added 2024/02/28 12:15 p.m.•84 views

CVE-2024-1632

Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.

8.8CVSS8.3AI score0.02178EPSS

CVE•added 2024/06/16 9:15 p.m.•49 views

CVE-2023-27636

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.

6.5CVSS6AI score0.00248EPSS