PT-2023-22232 · Progress · Progress Sitefinity
Published
2023-04-10
·
Updated
2025-02-12
·
CVE-2023-29375
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Progress Sitefinity versions 13.3 through 13.3.7646
Progress Sitefinity versions 14.0 through 14.0.7735
Progress Sitefinity versions 14.1 through 14.1.7825
Progress Sitefinity versions 14.2 through 14.2.7929
Progress Sitefinity versions 14.3 through 14.3.8024
Description
An issue was discovered in Progress Sitefinity, allowing potentially dangerous file upload through the SharePoint connector.
Recommendations
For Progress Sitefinity version 13.3, update to version 13.3.7647 or later.
For Progress Sitefinity version 14.0, update to version 14.0.7736 or later.
For Progress Sitefinity version 14.1, update to version 14.1.7826 or later.
For Progress Sitefinity version 14.2, update to version 14.2.7930 or later.
For Progress Sitefinity version 14.3, update to version 14.3.8025 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Progress Sitefinity