4 matches found
CVE-2024-58322
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...
CVE-2024-58322
Kentico Xperience CVE-2024-58322 is a stored XSS in the shipping options configuration. Affected component is the ecommerce.shippingoption form; the underlying issue is improper handling of user-supplied data in shipping option fields (description, carrier display name). Remediation provided in s...
CVE-2024-58322 Kentico Xperience <= 13.0.158 Shipping Options Stored XSS
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...
PT-2025-52329
Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious code into shipping options configuration. Successful exploitation could...