Latest progress sitefinity Vulnerabilities

CVE-2023-6784
Potential Use of the Sitefinity System for Distribution of Phishing Emails
Progress Sitefinity>=4.0<13.3.7648
Progress Sitefinity>=14.1<14.1.7828
Progress Sitefinity>=14.2<14.2.7932
Progress Sitefinity>=14.3<14.3.8029
Progress Sitefinity>=14.4<14.4.8133
Progress Sitefinity>=15.0<15.0.8223
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileg...
Progress Sitefinity>=13.3<13.3.7646
Progress Sitefinity>=14.0<14.0.7736
Progress Sitefinity>=14.1<14.1.7826
Progress Sitefinity>=14.2<14.2.7930
Progress Sitefinity>=14.3<14.3.8026
CVE-2019-17392
Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled.
Progress Sitefinity>=9.1<9.1.6185
Progress Sitefinity>=9.2<9.2.6276
Progress Sitefinity>=10.0<10.0.6431
Progress Sitefinity>=10.1<10.1.6542
Progress Sitefinity>=10.2<=10.2.6651
Progress Sitefinity>=11.0<=11.0.6739
and 4 more
CVE-2019-7215
Progress Sitefinity 10.1.6536 does not invalidate session cookies upon logouts. It instead tries to overwrite the cookie in the browser, but it remains valid on the server side. This means the cookie ...
Progress Sitefinity>=7.0<7.0.5143
Progress Sitefinity>=7.1<7.1.5243
Progress Sitefinity>=7.2<7.2.5353
Progress Sitefinity>=7.3<7.3.5693
Progress Sitefinity>=8.0<8.0.5773
Progress Sitefinity>=8.1<8.1.5863
and 10 more
CVE-2018-17055
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
Progress Sitefinity>=4.0<=11.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203