Kentico CMS is affected by an access control bypass vulnerability. An attacker is able to access the installation wizard and initiate the installation of a new starter site which automatically grants Global Administrator access.
CPE | Name | Operator | Version |
---|---|---|---|
kentico.libraries | le | 9.0.50 | |
kentico.libraries | le | 10.0.47 |