exploitDog

CVE-2019-25230

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls.

Ссылки

https://devnet.kentico.com/download/hotfixes
Product
https://www.vulncheck.com/advisories/kentico-xperience-user-widget-information-disclosure
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*

Версия до 12.0 (включая)

EPSS

Процентиль: 10%

0.00035

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-497

Связанные уязвимости

GHSA-chj5-cq2p-wvfv

CVSS3: 4.3

github

около 2 месяцев назад

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls.

EPSS

Процентиль: 10%

0.00035

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-497