← Back

CVE-2023-29375

nvd nist
Published: Apr 10, 2023Modified: Jun 17, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector.

Affected (5)

Products: Progress: Sitefinity
Progress
1 product
Sitefinity
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Progress
Sitefinity
From 13.3 to 13.3.7646
Sitefinity
From 14.0 to 14.0.7736
Sitefinity
From 14.1 to 14.1.7826
Sitefinity
From 14.2 to 14.2.7930
Sitefinity
From 14.3 to 14.3.8026

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Product
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product

Timeline

No history available yet.