CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in full compromise of confidentiality, integrity, and availability of affected installations.
| Vendor | Product | Versions |
|---|---|---|
| progress | sitefinity | 15.4.8623 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| progress | sitefinity | cert_advisory | 90% |
Updated affected versions to include 15.4.8629 and corrected exploit availability status to false.
Initial creation