CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-7201

CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authenticated attacker to modify account properties of other users, potentially leading to account compromise. Successful exploitation requires knowledge of values that are not generally exposed to low-privileged users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.1%

CVSS Severity

CVSS v3 Score 8.8

References

https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerabilities-CVE-2026-7312-CVE-2026-7198-CVE-2026-7195-CVE-2026-7201-CVE-2026-7313-May-2026

Products affected by CVE-2026-7201

Progress » Sitefinity » Version: 15.2.8400

cpe:2.3:a:progress:sitefinity:15.2.8400
Progress » Sitefinity » Version: 15.2.8421

cpe:2.3:a:progress:sitefinity:15.2.8421
Progress » Sitefinity » Version: 15.2.8422

cpe:2.3:a:progress:sitefinity:15.2.8422
Progress » Sitefinity » Version: 15.2.8423

cpe:2.3:a:progress:sitefinity:15.2.8423
Progress » Sitefinity » Version: 15.2.8424

cpe:2.3:a:progress:sitefinity:15.2.8424
Progress » Sitefinity » Version: 15.2.8425

cpe:2.3:a:progress:sitefinity:15.2.8425
Progress » Sitefinity » Version: 15.2.8426

cpe:2.3:a:progress:sitefinity:15.2.8426
Progress » Sitefinity » Version: 15.2.8427

cpe:2.3:a:progress:sitefinity:15.2.8427
Progress » Sitefinity » Version: 15.2.8428

cpe:2.3:a:progress:sitefinity:15.2.8428
Progress » Sitefinity » Version: 15.2.8429

cpe:2.3:a:progress:sitefinity:15.2.8429
Progress » Sitefinity » Version: 15.2.8430

cpe:2.3:a:progress:sitefinity:15.2.8430
Progress » Sitefinity » Version: 15.2.8431

cpe:2.3:a:progress:sitefinity:15.2.8431
Progress » Sitefinity » Version: 15.2.8432

cpe:2.3:a:progress:sitefinity:15.2.8432
Progress » Sitefinity » Version: 15.2.8433

cpe:2.3:a:progress:sitefinity:15.2.8433
Progress » Sitefinity » Version: 15.2.8434

cpe:2.3:a:progress:sitefinity:15.2.8434
Progress » Sitefinity » Version: 15.2.8435

cpe:2.3:a:progress:sitefinity:15.2.8435
Progress » Sitefinity » Version: 15.2.8436

cpe:2.3:a:progress:sitefinity:15.2.8436
Progress » Sitefinity » Version: 15.2.8437

cpe:2.3:a:progress:sitefinity:15.2.8437
Progress » Sitefinity » Version: 15.2.8438

cpe:2.3:a:progress:sitefinity:15.2.8438
Progress » Sitefinity » Version: 15.2.8439

cpe:2.3:a:progress:sitefinity:15.2.8439
Progress » Sitefinity » Version: 15.2.8440

cpe:2.3:a:progress:sitefinity:15.2.8440
Progress » Sitefinity » Version: 15.3.8500

cpe:2.3:a:progress:sitefinity:15.3.8500
Progress » Sitefinity » Version: 15.3.8521

cpe:2.3:a:progress:sitefinity:15.3.8521
Progress » Sitefinity » Version: 15.3.8522

cpe:2.3:a:progress:sitefinity:15.3.8522
Progress » Sitefinity » Version: 15.3.8523

cpe:2.3:a:progress:sitefinity:15.3.8523
Progress » Sitefinity » Version: 15.3.8524

cpe:2.3:a:progress:sitefinity:15.3.8524
Progress » Sitefinity » Version: 15.3.8525

cpe:2.3:a:progress:sitefinity:15.3.8525
Progress » Sitefinity » Version: 15.3.8526

cpe:2.3:a:progress:sitefinity:15.3.8526
Progress » Sitefinity » Version: 15.3.8527

cpe:2.3:a:progress:sitefinity:15.3.8527
Progress » Sitefinity » Version: 15.3.8528

cpe:2.3:a:progress:sitefinity:15.3.8528
Progress » Sitefinity » Version: 15.3.8529

cpe:2.3:a:progress:sitefinity:15.3.8529
Progress » Sitefinity » Version: 15.3.8530

cpe:2.3:a:progress:sitefinity:15.3.8530
Progress » Sitefinity » Version: 15.4.8600

cpe:2.3:a:progress:sitefinity:15.4.8600
Progress » Sitefinity » Version: 15.4.8621

cpe:2.3:a:progress:sitefinity:15.4.8621
Progress » Sitefinity » Version: 15.4.8622

cpe:2.3:a:progress:sitefinity:15.4.8622
Progress » Sitefinity » Version: 15.4.8623

cpe:2.3:a:progress:sitefinity:15.4.8623
Progress » Sitefinity » Version: 15.4.8624

cpe:2.3:a:progress:sitefinity:15.4.8624
Progress » Sitefinity » Version: 15.4.8625

cpe:2.3:a:progress:sitefinity:15.4.8625
Progress » Sitefinity » Version: 15.4.8626

cpe:2.3:a:progress:sitefinity:15.4.8626
Progress » Sitefinity » Version: 15.4.8627

cpe:2.3:a:progress:sitefinity:15.4.8627
Progress » Sitefinity » Version: 15.4.8628

cpe:2.3:a:progress:sitefinity:15.4.8628
Progress » Sitefinity » Version: 15.4.8629

cpe:2.3:a:progress:sitefinity:15.4.8629

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-7201

Products

Pricing

Contact Us