CVE-2026-7313

Published: Giu 02, 2026 Last Modified: Giu 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,7

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used connect to Sitefinity Insight service. Successful exploitation requires active integration with Sitefinity Insight, non-default site configuration and valid back-end authorization.

https://community.progress.com/s/article/Sitefinity-Securit…

https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addre…

CVE-2026-7313

Description

Iscriviti alla newsletter