Share:

CVE-2019-17392 - Progress Sitefinity

November 26, 2019

Critical 9.8

Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled.

Affected software

Progress Sitefinity

Reference links

https://knowledgebase.progress.com/articles/Article/Security-Advisory-for-Resolving-Security-vulnerabilities-November-2019

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.