← volver
CVE-2024-58322

Kentico Xperience <= 13.0.158 Shipping Options Stored XSS

CVSS 5.1 MEDIUMEPSS 0.1%CWE-79
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
Kentico · Xperience

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://devnet.kentico.com/download/hotfixeshttps://www.vulncheck.com/advisories/kentico-xperience-shipping-options-stored-xss