CVE-2026-7198 – CWE-284: Improper Access Control in web services in Progress Sitefinity

CVE ID :CVE-2026-7198

Published : June 2, 2026, 2:17 p.m. | 15 minutes ago

Description :CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in full compromise of confidentiality, integrity, and availability of affected installations.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-11769 – Operator – Namespaced User Path Traversal

CVE-2026-9848 – WP Ticket

CVE-2026-54231 – Abrt: unsanitized systemd journal content written to dump directory files enables content injection

CVE-2026-54230 – Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites