← volver
CVE-2024-58323

Kentico Xperience <= 13.0.158 Checkbox Form Component Stored XSS

CVSS 5.1 MEDIUMEPSS 0.1%CWE-79
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
Kentico · Xperience

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://devnet.kentico.com/download/hotfixeshttps://www.vulncheck.com/advisories/kentico-xperience-checkbox-form-component-stored-xss