Vulnerability CVE-2023-27636
Published: 2024-06-16

Description:
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Sitefinity 15.0 Cross Site Scripting
Aldi Saputra Wah...
04.06.2024

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://aldisaw.id/security/2024/06/03/CVE-2023-27636.html
Copyright 2024, cxsecurity.com

 

Back to Top