Описание
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder.
Уязвимые конфигурации
Конфигурация 1Версия до 13.0.158 (включая)
cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.6
github
около 2 месяцев назад
A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Checkbox form component. This allows malicious scripts to execute in users' browsers by exploiting HTML support in the form builder.
EPSS
Процентиль: 9%
0.00034
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79