7 matches found
Kentico Xperience CMS - Unauthenticated Stored XSS
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178. id: CVE-2025-2748 info: name: Kentico Xperience CMS - Unauthenticated Stored XSS author...
CVE-2025-2748
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178...
CVE-2025-2748
creationtimestamp| type| source ---|---|--- 2025-03-24 22:35:05+00:00| seen| https://t.me/cvedetector/20993 2025-03-24 22:39:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll5t66rlpk2e 2025-04-01 10:13:14+00:00| seen|...
CVE-2025-2748
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178...
CVE-2025-2748 Kentico Xperience stored cross-site scripting in multiple-file upload functionality
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178...
CVE-2025-2748
CVE-2025-2748 affects Kentico Xperience up to version 13.0.178. The vulnerability is an unauthenticated stored XSS caused by insufficient validation/filtering of files uploaded via the multiple-file upload feature. Remediation: upgrade to Kentico Xperience 13.0.179 or later (patches addressing th...
CVE-2025-2748 Kentico Xperience stored cross-site scripting in multiple-file upload functionality
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178...