cbcvebase.
CVE-2024-11627
published 2025-01-07

CVE-2024-11627: : Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142…

PriorityP340high8.1CVSS 3.1
AVNACLPRNUIRSUCHIHAN
EPSS
0.31%
23.0th percentile
: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.

Affected

8 ranges
VendorProductVersion rangeFixed in
progresssitefinity>= 15.0.8200 < 15.0.823015.0.8230
progresssitefinity15.0.8200 – 15.0.8229
progresssitefinity>= 15.1.8300 < 15.1.832815.1.8328
progresssitefinity15.1.8300 – 15.1.8327
progresssitefinity>= 15.2.8400 < 15.2.842215.2.8422
progresssitefinity15.2.8400 – 15.2.8421
progresssitefinity>= 4.0 < 14.4.814314.4.8143
progresssitefinity4.0 – 14.4.8142
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.