[Progress Communities] [Progress OpenEdge ABL] Forum Post: How to apply patches in sitefinity 12.2 version

  • Thread starter Shafqat.Soomro@lbusa.com
  • Start date
Status
Not open for further replies.
S

Shafqat.Soomro@lbusa.com

Guest
Hello, How to apply below patches in sitefinity 12.2 version? Article Number 000102332 Environment Product: Sitefinity Version: 7.x, 8.x, 9.x, 10.x, 11.x, 12.x OS: All supported OS versions Database: All supported Microsoft SQL Server version Question/Problem Description A set of potential security vulnerabilities have been identified in Progress Sitefinity. Below you will find a list of bugfix rollup patches per version, which contain fixes for these vulnerabilities. If you have any questions in this regard, please contact Progress Technical Support. Directory Traversal (Workflow) vulnerability Affected Supported Versions: 7.0 - 12.2 Severity : Critical Directory Traversal (File upload) vulnerability Affected Supported Versions : 7.0 - 10.1 Severity : Critical XSS vulnerabilities in the Backend Administration Affected Supported Versions : 7.0 - 12.2 Severity : Medium Only Users with Backend privileges can exploit this vulnerability Version 11.0 and up introduce the WebSecurity Module, which has a CSP header protection against XSS attacks. When the module is active, this attack vector is mitigated. Sitefinity Documentation, WebSecurity Module

Continue reading...
 
Status
Not open for further replies.
Top