exploitDog

CVE-2022-50680

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 4.8

EPSS Низкий

Описание

A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information.

Ссылки

https://devnet.kentico.com/download/hotfixes
Product
https://www.vulncheck.com/advisories/kentico-xperience-email-marketing-stored-xss
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*

Версия до 13.0.92 (включая)

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-p5ww-mf7h-6qxg

CVSS3: 4.6

github

около 2 месяцев назад

A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user browsers and steal sensitive information.

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79