CVE-2017-18175

Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:sitefinity:9.1:*:*:*:*:*:*:*

Information

Published : 2018-02-12 06:29

Updated : 2018-03-05 11:57


NVD link : CVE-2017-18175

Mitre link : CVE-2017-18175


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

progress

  • sitefinity