2 matches found
CVE-2023-29376
Product affected: Progress Sitefinity (versions 13.3.x up to 13.3.7646; 14.0 up to 14.0.7735; 14.1 up to 14.1.7825; 14.2 up to 14.2.7929; 14.3 up to 14.3.8024).** Vulnerability: Cross-site scripting (XSS) by privileged users targeting media libraries.** CVE: CVE-2023-29376.** Root cause / impact ...
CVE-2023-29375
Progress Sitefinity (versions 13.3 up to 13.3.7647, 14.0 up to 14.0.7736, 14.1 up to 14.1.7826, 14.2 up to 14.2.7930, and 14.3 up to 14.3.8025) is affected by a vulnerability allowing potentially dangerous file uploads via the SharePoint connector. The underlying issue is a file-upload risk expos...