Kentico: Security Vulnerabilities
An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code execution.This issue affects Kentico Xperience through 13.0.178.
CVSS Score
7.2
EPSS Score
0.012
Published
2025-03-24
CVE-2025-2746
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.172.
Known exploited
CVSS Score
9.8
EPSS Score
0.874
Published
2025-03-24
CVE-2025-2747
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.178.
Known exploited
CVSS Score
9.8
EPSS Score
0.889
Published
2025-03-24
In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.
CVSS Score
7.5
EPSS Score
0.01
Published
2022-07-18
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password).
CVSS Score
4.9
EPSS Score
0.003
Published
2022-04-16
Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-01-10
The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data.
CVSS Score
6.8
EPSS Score
0.003
Published
2021-12-03
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-03-05
Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-09-09
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS.
CVSS Score
5.4
EPSS Score
0.007
Published
2019-12-02