Kentico — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting Kentico. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-5591 | Stored Cross-site Scripting (XSS) in Kentico Xperience 13 — Kentico Xperience (CWE-79) | 5.4 | - | 2026-01-05 |
| CVE-2024-58323 | Kentico Xperience <= 13.0.158 Checkbox Form Component Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2024-58322 | Kentico Xperience <= 13.0.158 Shipping Options Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2024-58321 | Kentico Xperience <= 13.0.159 Form Validation Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2024-58320 | Kentico Xperience <= 13.0.159 Authentication Information Disclosure — Xperience (CWE-497) | 5.3 | Medium | 2025-12-18 |
| CVE-2024-58319 | Kentico Xperience <= 13.0.160 Pages Dashboard Widget Reflected XSS — Xperience (CWE-79) | 6.1 | Medium | 2025-12-18 |
| CVE-2024-58318 | Kentico Xperience <= 13.0.162 Rich Text Editor Stored XSS — Xperience (CWE-79) | 6.1 | Medium | 2025-12-18 |
| CVE-2024-58317 | Kentico Xperience <= 13.0.164 Cookie Security Configuration — Xperience (CWE-614) | 5.3 | Medium | 2025-12-18 |
| CVE-2023-53934 | Kentico Xperience <= 12.0.98 GetResource Handler Denial of Service — Xperience (CWE-97) | 7.5 | High | 2025-12-18 |
| CVE-2023-53737 | Kentico Xperience <= 13.0.101 Localization Application Stored XSS — Xperience (CWE-79) | 4.8 | Medium | 2025-12-18 |
| CVE-2023-53738 | Kentico Xperience <= 13.0.109 Page Preview Reflected XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2022-50685 | Kentico Xperience <= 13.0.56 File Upload Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2022-50686 | Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure — Xperience (CWE-209) | 7.5 | High | 2025-12-18 |
| CVE-2023-53736 | Kentico Xperience <= 13.0.120 Administration Interface Reflected XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2022-50684 | Kentico Xperience <= 13.0.71 Form Emails HTML Injection — Xperience (CWE-79) | 6.1 | Medium | 2025-12-18 |
| CVE-2022-50683 | Kentico Xperience <= 13.0.74 Form Configuration Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2022-50681 | Kentico Xperience <= 13.0.88 Rich Text Editor Reflected XSS — Xperience (CWE-79) | 6.1 | Medium | 2025-12-18 |
| CVE-2022-50682 | Kentico Xperience <= 13.0.79 Routing Engine CRLF Injection — Xperience (CWE-93) | 6.5 | Medium | 2025-12-18 |
| CVE-2022-50680 | Kentico Xperience <= 13.0.92 Email Marketing Stored XSS — Xperience (CWE-79) | 4.8 | Medium | 2025-12-18 |
| CVE-2021-47711 | Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection — Xperience (CWE-89) | 8.8 | High | 2025-12-18 |
| CVE-2021-47712 | Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability — Xperience (CWE-327) | 7.5 | High | 2025-12-18 |
| CVE-2020-36890 | Kentico Xperience <= 10 Administrator Access Control Bypass — Xperience (CWE-862) | 7.2 | High | 2025-12-18 |
| CVE-2020-36891 | Kentico Xperience <= 12.0.49 File Upload Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2020-36889 | Kentico Xperience <= 12.0.90 Administration Interface Stored XSS — Xperience (CWE-79) | 5.4 | Medium | 2025-12-18 |
| CVE-2019-25230 | Kentico Xperience <= 12.0.0 User Widget Information Disclosure — Xperience (CWE-497) | 4.3 | Medium | 2025-12-18 |
| CVE-2019-25228 | Kentico Xperience <= 12.0.47 Virtual Context Information Disclosure — Xperience (CWE-497) | 5.3 | Medium | 2025-12-18 |
| CVE-2019-25229 | Kentico Xperience <= 12.0.29 MVC Forms Unrestricted File Upload — Xperience (CWE-434) | 8.8 | High | 2025-12-18 |
| CVE-2025-32369 | Kentico Xperience security vulnerability — Xperience (CWE-79) | 6.4 | Medium | 2025-04-06 |
| CVE-2025-32370 | Kentico Xperience security vulnerability — Xperience (CWE-912) | 7.2 | High | 2025-04-06 |
| CVE-2025-2794 | Kentico Xperience <= 13.0.180 Unsafe Reflection — Xperience (CWE-470) | 7.5 | - | 2025-03-31 |

This page lists every published CVE security advisory associated with Kentico. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.