CVE-2024-12907
Vulnerability Description
Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks through manipulation of a specific GET request parameter sent to /CMSMessages/AccessDenied.aspx endpoint.
Notably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this vulnerability.
Notably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this vulnerability.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!