The content you're reading is getting on in years
This post is on the older side and its content may be out of date.
Be sure to visit our blogs homepage for our latest news, updates and information.
We’ve noticed a Sitefinity exploit making the rounds on Twitter. Furthermore, a handful of our customers have discovered this vulnerability to their web site. I’m not going to post the full details of the exploit here. Basically, the exploit involves using an unauthenticated request to a specific administrative ASPX page.
However, this exploit only succeeds if…
Several months ago, Georgi Chokov recommended these and other security best practices in his Building a secured Sitefinity website blog post. For those who haven’t already followed these instructions, I strongly suggest you do so. I also recommend that you upgrade your web sites to a current version of Sitefinity.
If you have specific questions or need help, contact support.
View all posts from The Progress Team on the Progress blog. Connect with us about all things application development and deployment, data integration and digital business.
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.
Learn MoreSubscribe to get all the news, info and tutorials you need to build better business apps and sites
Progress collects the Personal Information set out in our Privacy Policy and the Supplemental Privacy notice for residents of California and other US States and uses it for the purposes stated in that policy.
You can also ask us not to share your Personal Information to third parties here: Do Not Sell or Share My Info
We see that you have already chosen to receive marketing materials from us. If you wish to change this at any time you may do so by clicking here.
Thank you for your continued interest in Progress. Based on either your previous activity on our websites or our ongoing relationship, we will keep you updated on our products, solutions, services, company news and events. If you decide that you want to be removed from our mailing lists at any time, you can change your contact preferences by clicking here.