CVE-2024-12907
CVE-2024-12907 affects Kentico CMS 7, where a Reflected XSS can be triggered by manipulating a specific GET parameter sent to the /CMSMessages/AccessDenied.aspx endpoint. The description notes that Kentico 7 reached end of support in 2016, and Kentico 8 has been tested and does not contain this v...