Kentico Xperience CMS, an enterprise content management system, has been compromised through exploitation of a Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-2748, affecting versions up to 13.0.178. The vulnerability has enabled attackers to conduct unauthorized resource fetching and temporary file uploads, allowing them to execute remote code. Such actions could result in unauthorized access to sensitive data, session hijacking, and potentially full server compromise, posing serious threats to the integrity and confidentiality of the data managed by the CMS.
Source: https://cybersecuritynews.com/kentico-xperience-cms-xss-vulnerability/
"id": "ken021040225",
"linkid": "kentico-software",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization's existence"