High severity7.7NVD Advisory· Published Apr 9, 2025· Updated Apr 15, 2026
CVE-2025-1968
CVE-2025-1968
Description
Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks).This issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231, from 15.1 before 15.1.8332, from 15.2 before 15.2.8429.
Affected products
1- Range: >=14.0 <=14.3 || >=14.4 <14.4.8145 || >=15.0 <15.0.8231 || >=15.1 <15.1.8332 || >=15.2 <15.2.8429
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.