CVE-2023-53736

Kentico Xperience <= 13.0.120 Administration Interface Reflected XSS

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Produtos afetados

Kentico · Xperience

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://devnet.kentico.com/download/hotfixes https://www.vulncheck.com/advisories/kentico-xperience-administration-interface-reflected-xss