Insufficient Session Expiration in Progress Sitefinity Affects Multiple Versions
CVE-2024-11627
6.8MEDIUM
What is CVE-2024-11627?
An Insufficient Session Expiration vulnerability exists in Progress Sitefinity, allowing for potential session fixation attacks. Affected versions range from Sitefinity 4.0 to 15.2.8400. If exploited, this vulnerability could allow attackers to hijack user sessions, leading to unauthorized access and potential data compromise. It is crucial for users to ensure that their Sitefinity installations are updated to mitigate this risk.
Affected Version(s)
Sitefinity 4.0 <= 14.4.8142
Sitefinity 15.0.8200 <= 15.0.8229
Sitefinity 15.1.8300 <= 15.1.8327