Vulnerabilities > Kentico > Kentico > 12.0.41
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-32387 | Unspecified vulnerability in Kentico In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler. | 7.5 |
| 2022-04-16 | CVE-2022-29287 | Authorization Bypass Through User-Controlled Key vulnerability in Kentico Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. | 4.9 |
| 2020-09-09 | CVE-2020-24794 | Cross-site Scripting vulnerability in Kentico Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75. | 6.1 |
| 2019-12-02 | CVE-2019-19493 | Use of Incorrectly-Resolved Name or Reference vulnerability in Kentico Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS. | 5.4 |