Vulnerabilities in Kentico

37 results
CVE-2025-2747 | CRITICAL | Kentico Xperience <= 13.0.178 Staging Sync Server None Password Type Authentication Bypass | EPSS 91.3% | KEV
CVE-2025-2746 | CRITICAL | Kentico Xperience <= 13.0.172 Staging Sync Server Digest Password Authentication Bypass | EPSS 58.0% | KEV
CVE-2025-2748 | MEDIUM | Kentico Xperience stored cross-site scripting in multiple-file upload functionality | EPSS 52.4%
CVE-2025-2749 | HIGH | Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE | EPSS 3.8% | KEV
CVE-2025-32370 | HIGH | Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions for unauthenticated uploads; however, becaus | EPSS 1.3%
CVE-2021-43991 | MEDIUM | Persistent XSS via Avatar Upload in Kentico Xperience CMS | EPSS 0.5%
CVE-2025-2794 | HIGH | Kentico Xperience <= 13.0.180 Unsafe Reflection | EPSS 0.4%
CVE-2024-12907 | MEDIUM | XSS in Kentico 7 | EPSS 0.4%
CVE-2023-53934 | HIGH | Kentico Xperience <= 12.0.98 GetResource Handler Denial of Service | EPSS 0.4%
CVE-2020-36890 | HIGH | Kentico Xperience <= 10 Administrator Access Control Bypass | EPSS 0.3%
CVE-2019-25229 | HIGH | Kentico Xperience <= 12.0.29 MVC Forms Unrestricted File Upload | EPSS 0.3%
CVE-2025-2878 | MEDIUM | Kentico CMS Additional Database Installation Wizard install.aspx cross site scripting | EPSS 0.3%
CVE-2021-47711 | HIGH | Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection | EPSS 0.3%
CVE-2022-50686 | MEDIUM | Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure | EPSS 0.3%
CVE-2019-25228 | MEDIUM | Kentico Xperience <= 12.0.47 Virtual Context Information Disclosure | EPSS 0.3%
CVE-2024-58320 | MEDIUM | Kentico Xperience <= 13.0.159 Authentication Information Disclosure | EPSS 0.2%
CVE-2019-25230 | MEDIUM | Kentico Xperience <= 12.0.0 User Widget Information Disclosure | EPSS 0.2%
CVE-2025-32369 | MEDIUM | Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious content (for stored XSS) via certain interactions with | EPSS 0.2%
CVE-2021-47712 | MEDIUM | Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability | EPSS 0.2%
CVE-2022-50681 | MEDIUM | Kentico Xperience <= 13.0.88 Rich Text Editor Reflected XSS | EPSS 0.2%