exploitDog

GHSA-739f-j5mp-m83f

Опубликовано: 18 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 4.6

Описание

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts via page preview URLs. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers during page preview interactions.

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts via page preview URLs. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers during page preview interactions.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

5.1 Medium

CVSS4

4.6 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-53738

CVSS3: 5.4

nvd

около 2 месяцев назад

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts via page preview URLs. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers during page preview interactions.

EPSS

Процентиль: 11%

0.00038

Низкий

5.1 Medium

CVSS4

4.6 Medium

CVSS3

CVE ID

Дефекты

CWE-79