Primary

Context

Progress Sitefinity Improper Access Control Vulnerability Allowing Unauthenticated Content Access

Vulnerability

Patched

A vulnerability allowing improper access control in web services has been identified in Progress Sitefinity versions 15.4.8623 prior to 15.4.8630. This vulnerability allows remote unauthenticated attackers to access restricted content, leading to a full compromise of the confidentiality, integrity, and availability of affected installations.

Impact

Exploitation of this vulnerability could result in unauthorized access to restricted content, allowing for a complete compromise of the confidentiality, integrity, and availability of the affected Sitefinity installation.

Remediation

Progress Sitefinity has released a product update for the affected version. Users are advised to update to version 15.4.8630. Instructions for applying the update can be found in the Progress Sitefinity Knowledge Base Article 'How to update Sitefinity to hotfix internal build or a patch'.

Added: Jun 2, 2026, 2:37 PM

Updated: Jun 2, 2026, 2:37 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

9.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Progress Sitefinity Improper Access Control Vulnerability Allowing Unauthenticated Content Access

Vulnerability

Impact

Remediation

Affected Products

Progress Sitefinity

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating