Lucene search
MitreCVE-2023-27636HistoryJun 16, 2024 - 9:15 p.m.
CVE-2023-27636
2024-06-1621:15:50
CWE-79
mitre
web.nvd.nist.gov
31
progress sitefinity
xss
authenticated users
sf editor
content form
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.003
Percentile
70.9%
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
Affected configurations
Node
progresssitefinityRange<15.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| progress | sitefinity | * | cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-27636
2024-06-16 00:00:00
exploitdb
exploitdb
Sitefinity 15.0 - Cross-Site Scripting (XSS)
2024-06-03 00:00:00
zdt
zdt
Sitefinity 15.0 - Cross-Site Scripting Vulneraility
2024-06-04 00:00:00
vulnrichment
vulnrichment
CVE-2023-27636
2024-06-16 00:00:00
nvd
nvd
CVE-2023-27636
2024-06-16 21:15:50
packetstorm
packetstorm
Sitefinity 15.0 Cross Site Scripting
2024-06-03 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.003
Percentile
70.9%
Related for CVE-2023-27636