CVE-2024-58320
Kentico Xperience <= 13.0.159 Authentication Information Disclosure
An information disclosure vulnerability in Kentico Xperience allows public users to access sensitive administration interface hostname details during authentication. Attackers can retrieve confidential hostname configuration information through a public endpoint, potentially exposing internal network details.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Kentico · XperienceQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →