Vulnerabilities > Kentico > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-03 CVE-2021-43991 Cross-site Scripting vulnerability in Kentico Xperience
The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
network
kentico CWE-79
3.5
3.5
2019-12-02 CVE-2019-19493 Use of Incorrectly-Resolved Name or Reference vulnerability in Kentico
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS.
network
kentico CWE-706
3.5
3.5
2018-03-19 CVE-2018-6842 Cross-site Scripting vulnerability in Kentico CMS
Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page.
network
kentico CWE-79
3.5
3.5