Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Kentico.Xperience.AspNet.Mvc5.Libraries is an assemblies required to use the Kentico Xperience API in class libraries developed for ASP.NET MVC 5 applications. Does not include content items or other modifications intended for the MVC web application itself. Affected versions of this...

CVE-2024-58319

A concrete XSS vulnerability affects Kentico Xperience, specifically a reflected cross-site scripting flaw in the Pages dashboard widget configuration dialog. The issue is triggered via the Pages widget settings, enabling an attacker to inject and execute malicious scripts in an administrator’s b...