CVE-2024-58320
Kentico Xperience <= 13.0.159 Authentication Information Disclosure
An information disclosure vulnerability in Kentico Xperience allows public users to access sensitive administration interface hostname details during authentication. Attackers can retrieve confidential hostname configuration information through a public endpoint, potentially exposing internal network details.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Kentico · Xperience¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →