Vulnerabilities > Kentico > Kentico > 4.1.4

DATE CVE VULNERABILITY TITLE RISK
2022-07-18 CVE-2022-32387 Unspecified vulnerability in Kentico
In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.
network
low complexity
kentico
7.5
7.5
2022-04-16 CVE-2022-29287 Authorization Bypass Through User-Controlled Key vulnerability in Kentico
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability.
network
low complexity
kentico CWE-639
4.9
4.9
2020-09-09 CVE-2020-24794 Cross-site Scripting vulnerability in Kentico
Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75.
network
low complexity
kentico CWE-79
6.1
6.1