CVE-2026-7195 in Sitefinityالمعلومات

الملخص

بحسب MITRE • 02/06/2026

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to compromise the integrity and confidentiality of user accounts. Successful exploitation requires user interaction and a non-default site configuration.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

ProgressSoftware

حجز

27/04/2026

إفشاء

02/06/2026

الاعتدال

تمت الموافقة

إدخال

VDB-367937

CPE

جاهز

CWE

CWE-20 (مؤكد)

CVSS

8.8 (CNA)

EPSS

0.00053

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7195
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7195
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7195/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!