exploitDog

CVE-2021-47712

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.

Ссылки

https://devnet.kentico.com/download/hotfixes
Product
https://www.vulncheck.com/advisories/kentico-xperience-url-hashing-cryptography-vulnerability
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*

Версия до 12.0.102 (включая)

EPSS

Процентиль: 3%

0.00017

Низкий

7.5 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-9jrm-mcr7-5p6m

CVSS3: 7.5

github

около 2 месяцев назад

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.

EPSS

Процентиль: 3%

0.00017

Низкий

7.5 High

CVSS3

Дефекты

CWE-327