XSS Vulnerability in Progress Sitefinity 9.1 Template Configuration

CVE-2017-18175 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.

Learn more about our Web Application Penetration Testing UK.