Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-27636
HistoryJun 16, 2024 - 9:15 p.m.

CVE-2023-27636

2024-06-1621:15:50
CWE-79
[email protected]
web.nvd.nist.gov
11
progress sitefinity
xss
authenticated users
content form
sf editor

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.003

Percentile

70.9%

JSON

Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.

Affected configurations

Nvd
Node
progresssitefinityRange<15.0.0
VendorProductVersionCPE
progresssitefinity*cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*

Related

zdt 1
cvelist 1
exploitdb 1
vulnrichment 1
cve 1
packetstorm 1
zdt
zdt
Sitefinity 15.0 - Cross-Site Scripting Vulneraility
2024-06-04 00:00:00
cvelist
cvelist
CVE-2023-27636
2024-06-16 00:00:00
exploitdb
exploitdb
Sitefinity 15.0 - Cross-Site Scripting (XSS)
2024-06-03 00:00:00
vulnrichment
vulnrichment
CVE-2023-27636
2024-06-16 00:00:00
cve
cve
CVE-2023-27636
2024-06-16 21:15:50
packetstorm
packetstorm
Sitefinity 15.0 Cross Site Scripting
2024-06-03 00:00:00

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.003

Percentile

70.9%

JSON
Related for NVD:CVE-2023-27636
zdt1cvelist1exploitdb1vulnrichment1cve1packetstorm1