Progress · Sitefinity · CVE-2023-27636
**Name of the Vulnerable Software and Affected Versions**
Progress Sitefinity versions prior to 15.0.0
**Description**
The issue allows cross-site scripting (XSS) by authenticated users through the content form in the SF Editor. This can potentially lead to malicious script execution.
**Recommendations**
For versions prior to 15.0.0, update to version 15.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SF Editor for authenticated users until the update is applied.