Known Vulnerabilities for Sitefinity by Progress Software
Listed below are 5 of the newest known vulnerabilities associated with "Sitefinity" by "Progress Software".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-7313 json | CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 all... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-7312 json | CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, a... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-7201 json | CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-7198 json | CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenti... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-7195 json | CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0... | Not Provided | 2026-06-02 | 2026-06-02 |