Vulnerability Details CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 5.4
References
- https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerabilities-April-2023
- https://www.progress.com/sitefinity-cms
- https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerabilities-April-2023
- https://www.progress.com/sitefinity-cms
Products affected by CVE-2023-29376
-
cpe:2.3:a:progress:sitefinity:13.3
-
cpe:2.3:a:progress:sitefinity:13.3.7600
-
cpe:2.3:a:progress:sitefinity:13.3.7621
-
cpe:2.3:a:progress:sitefinity:13.3.7622
-
cpe:2.3:a:progress:sitefinity:13.3.7623
-
cpe:2.3:a:progress:sitefinity:13.3.7624
-
cpe:2.3:a:progress:sitefinity:13.3.7625
-
cpe:2.3:a:progress:sitefinity:13.3.7626
-
cpe:2.3:a:progress:sitefinity:13.3.7627
-
cpe:2.3:a:progress:sitefinity:13.3.7628
-
cpe:2.3:a:progress:sitefinity:13.3.7629
-
cpe:2.3:a:progress:sitefinity:13.3.7630
-
cpe:2.3:a:progress:sitefinity:13.3.7631
-
cpe:2.3:a:progress:sitefinity:13.3.7632
-
cpe:2.3:a:progress:sitefinity:13.3.7633
-
cpe:2.3:a:progress:sitefinity:13.3.7634
-
cpe:2.3:a:progress:sitefinity:13.3.7635
-
cpe:2.3:a:progress:sitefinity:13.3.7636
-
cpe:2.3:a:progress:sitefinity:13.3.7637
-
cpe:2.3:a:progress:sitefinity:13.3.7638
-
cpe:2.3:a:progress:sitefinity:13.3.7639
-
cpe:2.3:a:progress:sitefinity:13.3.7640
-
cpe:2.3:a:progress:sitefinity:13.3.7641
-
cpe:2.3:a:progress:sitefinity:13.3.7642
-
cpe:2.3:a:progress:sitefinity:13.3.7643
-
cpe:2.3:a:progress:sitefinity:13.3.7644
-
cpe:2.3:a:progress:sitefinity:13.3.7645
-
cpe:2.3:a:progress:sitefinity:14.0
-
cpe:2.3:a:progress:sitefinity:14.0.7700
-
cpe:2.3:a:progress:sitefinity:14.0.7721
-
cpe:2.3:a:progress:sitefinity:14.0.7722
-
cpe:2.3:a:progress:sitefinity:14.0.7723
-
cpe:2.3:a:progress:sitefinity:14.0.7724
-
cpe:2.3:a:progress:sitefinity:14.0.7725
-
cpe:2.3:a:progress:sitefinity:14.0.7726
-
cpe:2.3:a:progress:sitefinity:14.0.7727
-
cpe:2.3:a:progress:sitefinity:14.0.7728
-
cpe:2.3:a:progress:sitefinity:14.0.7729
-
cpe:2.3:a:progress:sitefinity:14.0.7730
-
cpe:2.3:a:progress:sitefinity:14.0.7731
-
cpe:2.3:a:progress:sitefinity:14.0.7732
-
cpe:2.3:a:progress:sitefinity:14.0.7733
-
cpe:2.3:a:progress:sitefinity:14.0.7734
-
cpe:2.3:a:progress:sitefinity:14.1
-
cpe:2.3:a:progress:sitefinity:14.1.7800
-
cpe:2.3:a:progress:sitefinity:14.1.7821
-
cpe:2.3:a:progress:sitefinity:14.1.7822
-
cpe:2.3:a:progress:sitefinity:14.1.7823
-
cpe:2.3:a:progress:sitefinity:14.1.7824
-
cpe:2.3:a:progress:sitefinity:14.1.7825
-
cpe:2.3:a:progress:sitefinity:14.2
-
cpe:2.3:a:progress:sitefinity:14.2.7900
-
cpe:2.3:a:progress:sitefinity:14.2.7921
-
cpe:2.3:a:progress:sitefinity:14.2.7922
-
cpe:2.3:a:progress:sitefinity:14.2.7923
-
cpe:2.3:a:progress:sitefinity:14.2.7924
-
cpe:2.3:a:progress:sitefinity:14.2.7925
-
cpe:2.3:a:progress:sitefinity:14.2.7926
-
cpe:2.3:a:progress:sitefinity:14.2.7927
-
cpe:2.3:a:progress:sitefinity:14.2.7928
-
cpe:2.3:a:progress:sitefinity:14.3
-
cpe:2.3:a:progress:sitefinity:14.3.8000
-
cpe:2.3:a:progress:sitefinity:14.3.8021
-
cpe:2.3:a:progress:sitefinity:14.3.8022
-
cpe:2.3:a:progress:sitefinity:14.3.8023
-
cpe:2.3:a:progress:sitefinity:14.3.8024
-
cpe:2.3:a:progress:sitefinity:14.3.8025