CVE-2023-6784


Potential Use of the Sitefinity System for Distribution of Phishing Emails

A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.


We have discovered 1,866 live websites that are affected by CVE-2023-6784.

Contact us to get more info



Affected Software

Product  Sitefinity
Category Content Management System
Vulnerable Versions
  • from 13.3 before 13.3.7648
  • from 14.1 before 14.1.7828
  • from 14.2 before 14.2.7932
  • from 14.3 before 14.3.8029
  • from 14.4 before 14.4.8133
  • from 15 before 15.0.8223
Total Vulnerable Versions342
Vulnerable Domains1,866 live websites (33.96% of Sitefinity install base)


Common Weakness Enumeration


CWE-20 Improper Input Validation


Distribution by Website Rank

The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-6784 and the relative popularity of websites


Details

  • Published - Dec 20, 2023
  • Updated - Dec 20, 2023





Countries

United States1,224 websites


GB136 websites
Canada106 websites
Australia62 websites
Saudi Arabia43 websites
Singapore35 websites
Netherlands34 websites
Mexico29 websites
Italy23 websites
Germany15 websites

TLDs

.com963 websites
.org325 websites
.co.uk85 websites
.com.au44 websites
.ca43 websites
.edu31 websites
.nl29 websites
.net24 websites
.be13 websites
.it10 websites

Vulnerable Versions

Vulnerable versions are highlighted in red


Geographical Distribution

The distribution of websites across the globe that are exposed to CVE-2023-6784 through included software libraries and plugins.



References


Websites affected by CVE-2023-6784

Top websites that are affected by CVE-2023-6784. Please click on the "Contact us" button above to get more information.
DomainCountryRankContacts
***.***.int Switzerland***
*********.net GB*,***
***.*********.net GB*,***
***********.org United States**,***
***.********.org United States**,***
***.*******.com United States**,***
***.*******.***.gov United States**,***
***.***.sg Singapore**,***
***.****.org United States**,***
***.*****.edu United States**,***
See full domain list