Vulnerabilities > Progress > Sitefinity > 14.3.8026

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2023-27636 Cross-site Scripting vulnerability in Progress Sitefinity
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
network
low complexity
progress CWE-79
5.4
5.4
2024-02-28 CVE-2024-1632 Unspecified vulnerability in Progress Sitefinity
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.
network
low complexity
progress
6.5
6.5
2024-02-28 CVE-2024-1636 Cross-site Scripting vulnerability in Progress Sitefinity
Potential Cross-Site Scripting (XSS) in the page editing area.
network
low complexity
progress CWE-79
5.4
5.4
2023-12-20 CVE-2023-6784 Unspecified vulnerability in Progress Sitefinity
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.
network
low complexity
progress
4.3
4.3