cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11626,https://securityvulnerability.io/vulnerability/CVE-2024-11626,Cross-site Scripting Vulnerability in Progress Sitefinity CMS,"A Cross-site Scripting (XSS) vulnerability has been identified in the administrative backend of Progress Sitefinity. This issue arises from improper neutralization of user input during web page generation, allowing attackers to inject malicious scripts into the web application. The vulnerability affects multiple versions of Sitefinity, fostering an opportunity for unauthorized access and data manipulation within the CMS environment. Awareness and timely patching are crucial to mitigate the associated risks.",Progress Software,Sitefinity,8.4,HIGH,0.01,false,false,false,false,false,false,false,2025-01-07T07:49:01.805Z,0
CVE-2024-11625,https://securityvulnerability.io/vulnerability/CVE-2024-11625,Information Exposure Vulnerability in Progress Software Sitefinity,"An information exposure vulnerability exists in Progress Software's Sitefinity platform that arises from improper handling of error messages. This flaw can potentially allow an attacker to gain sensitive information about the system, which could be exploited to further compromise the environment. Affected versions range from 4.0 to 15.2.8400, making it crucial for users to review their installations and implement appropriate security measures.",Progress Software,Sitefinity,7.7,HIGH,0.01,false,false,false,false,false,false,false,2025-01-07T07:48:32.620Z,0
CVE-2024-1636,https://securityvulnerability.io/vulnerability/CVE-2024-1636,XSS Vulnerability Discovered in Page Editing Area,Potential Cross-Site Scripting (XSS) in the page editing area.,Progress Software,Sitefinity,5.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-02-28T12:05:23.082Z,0
CVE-2024-1632,https://securityvulnerability.io/vulnerability/CVE-2024-1632,Low-Privileged Users May Access Sensitive Information from Sitefinity's Administrative Area,Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area.,Progress Software,Sitefinity,6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-02-28T12:04:45.869Z,0
CVE-2023-6784,https://securityvulnerability.io/vulnerability/CVE-2023-6784,Potential Use of the Sitefinity System for Distribution of Phishing Emails,"
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.

",Progress Software,Sitefinity,4.7,MEDIUM,0.000750000006519258,false,false,false,false,,false,false,2023-12-20T14:15:00.000Z,0