Primary

Context

Progress Sitefinity Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability allowing information exposure through error messages has been identified in Progress Sitefinity. This issue affects versions 4.0 prior to 14.4.8142, 15.0.8200 through 15.0.8229, 15.1.8300 through 15.1.8327, and 15.2.8400 through 15.2.8421.

Impact

Exploitation of this vulnerability can lead to the unintentional disclosure of sensitive information through verbose error messages.

Remediation

Progress Sitefinity has released patches for all supported versions. Users are advised to update to the latest version. For instructions on how to apply the update, refer to the Progress Sitefinity Knowledge Base Article on updating Sitefinity to a patch.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Progress Sitefinity Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Progress Software Corporation Sitefinity

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating