A cross-site scripting vulnerability exists in Kentico Xperience, an ASP.NET-based content management system (CMS) from Kentico U.S. The vulnerability stems from the fact that the productβs media subsystem does not validate input data. An attacker could cause client-side code execution via XML documents through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
kentico kentico | eq | 13.0.44 |