Progress Software Corporation — Vulnerabilities & Security Advisories 86

Browse all 86 CVE security advisories affecting Progress Software Corporation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Progress Software Corporation:WhatsUp Gold WS_FTP Server Sitefinity Telerik Report Server MOVEit Transfer OpenEdge Telerik Reporting LoadMaster Chef InSpec Chef Automate Telerik UI for WinForms MOVEit Automation Chef Habitat Builder Progress® Telerik® Reporting

CVE ID	Title	CVSS	Severity	Published
CVE-2024-1632	Incorrect access control in the Sitefinity backend — SitefinityCWE-284	8.8	High	2024-02-28
CVE-2023-40052	Progress Application Server (PAS) for OpenEdge Denial of Service — OpenEdgeCWE-119	7.5	High	2024-01-18
CVE-2023-40051	Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal — OpenEdgeCWE-434	9.1	Critical	2024-01-18
CVE-2024-0396	Missing Server-Side Input Validation in HTTP Parameter — MOVEit TransferCWE-20	7.1	High	2024-01-17
CVE-2023-6784	Potential Use of the Sitefinity System for Distribution of Phishing Emails — SitefinityCWE-20	4.7	Medium	2023-12-20
CVE-2023-6368	WhatsUp Gold Unauthenticated Access to an API Endpoint — WhatsUp GoldCWE-306	5.9	Medium	2023-12-14
CVE-2023-6595	WhatsUp Gold Unauthenticated Access to an API Endpoint — WhatsUp GoldCWE-306	7.5	High	2023-12-14
CVE-2023-6367	WhatsUp Gold Stored Cross-Site Scripting (XSS) via Roles — WhatsUp GoldCWE-79	7.6	High	2023-12-14
CVE-2023-6366	WhatsUp Gold Stored Cross-Site Scripting (XSS) via Alert Center — WhatsUp GoldCWE-79	7.6	High	2023-12-14
CVE-2023-6365	WhatsUp Gold Stored Cross-Site Scripting (XSS) via Device Groups — WhatsUp GoldCWE-79	7.6	High	2023-12-14
CVE-2023-6364	WhatsUp Gold Stored Cross-Site Scripting (XSS) via Dashboard — WhatsUp GoldCWE-79	7.6	High	2023-12-14
CVE-2023-6218	MOVEit Transfer Group Admin Privilege Escalation — MOVEit TransferCWE-269	7.2	High	2023-11-29
CVE-2023-6217	MOVEit Transfer XSS via MOVEit Gateway — MOVEit TransferCWE-79	7.1	High	2023-11-29
CVE-2023-42659	WS_FTP Server Arbitrary File Upload — WS_FTP ServerCWE-434	9.1	Critical	2023-11-07
CVE-2023-42658	InSpec Archive Command Vulnerable to Maliciously Crafted Profile — Chef InSpecCWE-94	8.8	High	2023-10-31
CVE-2023-40050	Automate Vulnerable to Malicious Content Uploaded Through Embedded Compliance Application — Chef AutomateCWE-94	9.9	Critical	2023-10-31
CVE-2023-40049	WS_FTP Server Information Disclosure via Directory Listing — WS_FTP ServerCWE-200	5.3	Medium	2023-09-27
CVE-2023-40048	WS_FTP Server Cross-Site Request Forgery (CSRF) Vulnerability — WS_FTP ServerCWE-352	6.8	Medium	2023-09-27
CVE-2023-40047	WS_FTP Server Stored Cross-Site Scripting Vulnerability — WS_FTP ServerCWE-79	8.3	High	2023-09-27
CVE-2023-40046	WS_FTP Server SQL Injection via Administrative Interface — WS_FTP ServerCWE-89	8.2	High	2023-09-27
CVE-2023-40045	WS_FTP Server Ad Hoc Transfer Module Reflected Cross-Site Scripting Vulnerability — WS_FTP ServerCWE-79	8.3	High	2023-09-27
CVE-2023-42657	WS_FTP Server Directory Traversal — WS_FTP ServerCWE-22	9.9	Critical	2023-09-27
CVE-2023-40044	WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability — WS_FTP ServerCWE-502	10.0	Critical	2023-09-27
CVE-2023-42656	MOVEit Transfer Reflected XSS — MOVEit TransferCWE-79	6.1	Medium	2023-09-20
CVE-2023-40043	MOVEit Transfer System Administrator SQL Injection — MOVEit TransferCWE-89	7.2	High	2023-09-20
CVE-2023-42660	MOVEit Transfer Machine Interface SQL Injection — MOVEit TransferCWE-89	8.8	High	2023-09-20

This page lists every published CVE security advisory associated with Progress Software Corporation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Progress Software Corporation — Vulnerabilities & Security Advisories 86