PT-2026-45760 · Progress · Sitefinity
Published
2026-06-02
·
Updated
2026-06-02
·
CVE-2026-7198
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Progress Sitefinity versions 15.4.8623 through 15.4.8629
Description
Improper Access Control in web services allows a remote unauthenticated attacker to access restricted content. This can lead to a full compromise of confidentiality, integrity, and availability of the affected installations.
Recommendations
Update to version 15.4.8630.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sitefinity