Vulnerabilities > Progress > Sitefinity > 15.0

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2023-27636 Cross-site Scripting vulnerability in Progress Sitefinity
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
network
low complexity
progress CWE-79
5.4
2023-12-20 CVE-2023-6784 Unspecified vulnerability in Progress Sitefinity
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.
network
low complexity
progress
4.3