Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
progress sitefinity 9.1 |