CVE-2026-7313
EUVD-2026-3392202.06.2026, 14:17
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used connect to Sitefinity Insight service. Successful exploitation requires active integration with Sitefinity Insight, non-default site configuration and valid back-end authorization.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| progress | sitefinity | 8.0.5700 ≤ 𝑥 < 13.3.7652 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration