Vulnerabilities > Progress > Sitefinity > 14.0.7734

DATE CVE VULNERABILITY TITLE RISK
2024-02-28 CVE-2024-1632 Unspecified vulnerability in Progress Sitefinity
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.
network
low complexity
progress
6.5
2024-02-28 CVE-2024-1636 Cross-site Scripting vulnerability in Progress Sitefinity
Potential Cross-Site Scripting (XSS) in the page editing area.
network
low complexity
progress CWE-79
5.4
2023-04-10 CVE-2023-29375 Unrestricted Upload of File with Dangerous Type vulnerability in Progress Sitefinity
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025.
network
low complexity
progress CWE-434
critical
9.8
2023-04-10 CVE-2023-29376 Cross-site Scripting vulnerability in Progress Sitefinity
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025.
network
low complexity
progress CWE-79
5.4