Vulnerabilities > Progress > Sitefinity > 14.2.7932

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2023-27636 Cross-site Scripting vulnerability in Progress Sitefinity
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
network
low complexity
progress CWE-79
5.4
2024-02-28 CVE-2024-1632 Unspecified vulnerability in Progress Sitefinity
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.
network
low complexity
progress
6.5
2024-02-28 CVE-2024-1636 Cross-site Scripting vulnerability in Progress Sitefinity
Potential Cross-Site Scripting (XSS) in the page editing area.
network
low complexity
progress CWE-79
5.4