PT-2023-22232 · Progress · Progress Sitefinity
Publicado
2023-04-10
·
Atualizado
2025-02-12
·
CVE-2023-29375
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Progress Sitefinity versions 13.3 through 13.3.7646
Progress Sitefinity versions 14.0 through 14.0.7735
Progress Sitefinity versions 14.1 through 14.1.7825
Progress Sitefinity versions 14.2 through 14.2.7929
Progress Sitefinity versions 14.3 through 14.3.8024
Description
An issue was discovered in Progress Sitefinity, allowing potentially dangerous file upload through the SharePoint connector.
Recommendations
For Progress Sitefinity version 13.3, update to version 13.3.7647 or later.
For Progress Sitefinity version 14.0, update to version 14.0.7736 or later.
For Progress Sitefinity version 14.1, update to version 14.1.7826 or later.
For Progress Sitefinity version 14.2, update to version 14.2.7930 or later.
For Progress Sitefinity version 14.3, update to version 14.3.8025 or later.
Correção
Unrestricted File Upload
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Progress Sitefinity