Just days after Progress Software patched a widely exploited zero-day vulnerability in its MOVEit Transfer app, the company has issued a second patch to address additional SQL Injection ...

Yet another MOVEit Transfer vulnerability, CVE-2023-35708, was discovered this week by Progress Software, the third that the company has disclosed, alongside CVE-2023-34362 and CVE-2023-35036. The ...

Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi) flaw (tracked as CVE-2023-35708) was shared online today. The ...

Progress Software warned customers today of newly found critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer (MFT) solution that can let attackers steal information from ...

Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default ...

As the fallout continues from exploits of an earlier critical vulnerability in the MOVEit file transfer tool, Progress released fixes for three more flaws in the software, including one new ...

Progress Software, the operator of the MOVEit Transfer managed file transfer product, has released a second patch for a newly discovered vulnerability distinct from CVE-2023-34362, the SQL injection ...

The vulnerability is separate from the previously disclosed critical flaw, and ‘all MOVEit Transfer customers must apply the new patch,’ Progress said Friday. Progress said Friday that MOVEit Transfer ...

A critical security threat has been discovered in the MOVEit Transfer file transfer software that would enable attackers to steal data from organizations. The zero-day vulnerability, which was ...