2 matches found
Kentico CMS < 8.2.42 Multiple Vulnerabilities
According to its self-reported version number, the version of Kentico CMS on the remote host is prior to 8.2.42. It is, therefore, affected by multiple vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist in the UIPage.aspx parameter name and the CMSBodyClass cookie variabl...
CVE-2015-7823
Kentico CMS 8.2.x is affected by an open redirect in CMSPages/GetDocLink.ashx via the link parameter, enabling redirection to arbitrary external sites and phishing risk. Affected range: 8.2 through 8.2.41. Remediation: upgrade to 8.2.42 or apply vendor patches that fix this open-redirect issue. T...