Sitefinity

14.4.8100

SEMANTIC 2 CVEs

13.3

MAJOR_MINOR 1 CVE

13.3.7600

SEMANTIC 2 CVEs

0

SINGLE_NUMBER 1 CVE

15.2.8421

SEMANTIC 2 CVEs

15.0

MAJOR_MINOR 1 CVE

15.1.8327

SEMANTIC 2 CVEs

14.2

MAJOR_MINOR 1 CVE

15.0.8200

SEMANTIC 4 CVEs

15.0.8229

SEMANTIC 2 CVEs

14.4

MAJOR_MINOR 1 CVE

14.4.8142

SEMANTIC 2 CVEs

15.1.8300

SEMANTIC 2 CVEs

14.3

MAJOR_MINOR 1 CVE

4.0

MAJOR_MINOR 2 CVEs

14.1

MAJOR_MINOR 1 CVE

15.2.8400

SEMANTIC 2 CVEs

CVE-2024-11626

Improper Neutralization of Input During CMS Backend (adminstrative section) Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.

HIGH Jan 07, 2025

CVE-2024-11625

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.

HIGH Jan 07, 2025

CVE-2024-4882

The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions.

UNKNOWN Jul 08, 2024

CVE-2024-1636

Potential Cross-Site Scripting (XSS) in the page editing area.

HIGH Feb 28, 2024

CVE-2024-1632

Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.

HIGH Feb 28, 2024