progress sitefinity の CVE(24 件)

CVE 件数: 24 CPE versions: View versions table

概要

本ページは progress sitefinity に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 2124 / 24 CVE 件数
«« 先頭 « 前へ 2 / 2 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2017-18176 Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1. [email protected] 5.4 0.74% 2018-02-12 2026-06-16
CVE-2017-18175 Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1. [email protected] 5.4 0.74% 2018-02-12 2026-06-16
CVE-2017-15883 Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography. [email protected] 9.8 1.93% 2018-01-08 2026-06-16
CVE-2017-9248 KEV Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise. [email protected] 9.8 75.10% 2017-07-03 2026-06-16
«« 先頭 « 前へ 2 / 2 次へ »
cvelogic Threat Intelligence