Vulnerability Details CVE-2025-32369
Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious content (for stored XSS) via certain interactions with the media library file upload feature.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.4%
CVSS Severity
CVSS v3 Score 6.4
References
Products affected by CVE-2025-32369
-
cpe:2.3:a:kentico:xperience:13.0.165
-
cpe:2.3:a:kentico:xperience:13.0.166
-
cpe:2.3:a:kentico:xperience:13.0.167
-
cpe:2.3:a:kentico:xperience:13.0.168
-
cpe:2.3:a:kentico:xperience:13.0.169
-
cpe:2.3:a:kentico:xperience:13.0.170
-
cpe:2.3:a:kentico:xperience:13.0.171
-
cpe:2.3:a:kentico:xperience:13.0.172
-
cpe:2.3:a:kentico:xperience:13.0.173
-
cpe:2.3:a:kentico:xperience:13.0.174
-
cpe:2.3:a:kentico:xperience:13.0.175
-
cpe:2.3:a:kentico:xperience:13.0.176
-
cpe:2.3:a:kentico:xperience:13.0.177
-
cpe:2.3:a:kentico:xperience:13.0.178
-
cpe:2.3:a:kentico:xperience:13.0.179
-
cpe:2.3:a:kentico:xperience:13.0.180