CVE-2024-1636

Potential Cross-Site Scripting (XSS) in the page editing area

Potential Cross-Site Scripting (XSS) in the page editing area.

We have discovered 1,931 live websites that are affected by CVE-2024-1636.


Product	Sitefinity
Category	Content Management System
Vulnerable Versions	from 13.3.7600 before 13.3.7649 from 14.4.8100 before 14.4.8135 from 15.0.8200 before 15.0.8227
Total Vulnerable Versions	342
Vulnerable Domains	1,931 live websites (35.15% of Sitefinity install base)

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The diagram provides a graphic representation of the correlation between the occurrence of CVE-2024-1636 and the relative popularity of websites

Vulnerable versions are highlighted in red

The distribution of websites across the globe that are exposed to CVE-2024-1636 through included software libraries and plugins.

Top websites that are affected by CVE-2024-1636. Please click on the "Contact us" button above to get more information.

Domain	Country	Rank
*********.net	GB	,**
*.*******.net	GB	,**
*.************.com	United States	,**
*.**********.org	United States	,*
*.*****.com	United States	,*
*.***.*.gov	United States	,*
*..**.sg	Singapore	,*
*.**.org	United States	,*
*.*.sg	Singapore	,*
*.**.org	United States	,*

Domain	Country	Rank
*********.net	GB	,**
*.*******.net	GB	,**
*.************.com	United States	,**
*.**********.org	United States	,*
*.*****.com	United States	,*
*.***.*.gov	United States	,*
*..**.sg	Singapore	,*
*.**.org	United States	,*
*.*.sg	Singapore	,*
*.**.org	United States	,*