CVE-2024-1636

Summary

Potential Cross-Site Scripting (XSS) in the page editing area.

Affected Software

VendorProductVersion RangeStatus
Progress Software CorporationSitefinity13.3.7600 < 13.3.7649affected
Progress Software CorporationSitefinity14.4.8100 < 14.4.8135affected
Progress Software CorporationSitefinity15.0.8200 < 15.0.8227affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References