CVE-2017-9248CISA KEVEPSS p99.4%

CVE-2017-9248Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability

Progress / ASP.NET AJAX and Sitefinity

Description

Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys (Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey), perform cross-site-scripting (XSS) attacks, compromise the ASP.NET ViewState, and/or upload and download files.

Scoring

EPSS75.10% probability of exploitation · percentile 99.4% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryProgress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerabilitykev-cve-2017-92480%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability
CVE
Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
CVE
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability
CVE
CVE-2026-6023
CVE
CVE-2026-7198
CVE
CVE-2026-7312
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.