PT-2026-1201

Name of the Vulnerable Software and Affected Versions Kentico Xperience version 13 Description Kentico Xperience 13 is susceptible to a stored cross-site scripting XSS attack through a form component. This allows an attacker to hijack a victim user’s session and perform actions with the victim’s...

CVE-2024-58323

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder...

CVE-2024-58323

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder...

CVE-2024-58323 Kentico Xperience <= 13.0.158 Checkbox Form Component Stored XSS

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder...

CVE-2024-58323

CVE-2024-58323 concerns a stored XSS in Kentico Xperience via the Checkbox form component. Connected sources identify the vulnerable element as the checkbox component’s Text property rendered through HtmlString() without proper encoding, enabling attackers to inject scripts that run in users’ bro...

PT-2025-52330

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. The issue is related to the Checkbox form component, which allows attackers to inject malicious scripts. Successful...