First published: Fri Sep 28 2018(Updated: )
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Progress Sitefinity | >=4.0<=11.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-17055.
The severity of the CVE-2018-17055 vulnerability is high with a severity value of 7.5.
Progress Sitefinity CMS versions 4.0 through 11.0 are affected by CVE-2018-17055.
The CWE ID associated with CVE-2018-17055 is CWE-434.
To fix the arbitrary file upload vulnerability in Progress Sitefinity CMS, apply the security patches provided by the vendor and update to a non-vulnerable version.