Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the 2 CMSBodyClass cookie variable to the default URI...

Kentico CMS 8.2 Cross Site Scripting / Open Redirect

Web application Kentico CMS 8.2 XSS / Open Redirection The CVE-2015-7823 reference is still waiting my disclosure. The exploit works on 8.2 to 8.2.41 I've contacted the vendor and he fixed the vulnerability in the next major version Vulnerability type: Reflected XSS High The elementguid variable ...