First published: Mon Apr 10 2023(Updated: )
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Progress Sitefinity | >=13.3<13.3.7646 | |
Progress Sitefinity | >=14.0<14.0.7736 | |
Progress Sitefinity | >=14.1<14.1.7826 | |
Progress Sitefinity | >=14.2<14.2.7930 | |
Progress Sitefinity | >=14.3<14.3.8026 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-29375 is a vulnerability in Progress Sitefinity versions 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025 that allows for potentially dangerous file upload through the SharePoint connector.
CVE-2023-29375 is rated as critical with a severity score of 9.8.
Progress Sitefinity versions 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025 are affected by CVE-2023-29375.
To fix CVE-2023-29375, upgrade Progress Sitefinity to version 13.3.7647, 14.0.7736, 14.1.7826, 14.2.7930, or 14.3.8025.
More information about CVE-2023-29375 can be found in the Sitefinity Security Advisory and on the Progress Sitefinity CMS website.