CVE-2024-12907
Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks through manipulation of a specific GET request parameter sent to /CMSMessages/AccessDenied.aspx endpoint.
Notably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this vulnerability.
Notably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this vulnerability.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-01-02 16:15:07
Güncelleme
2025-01-02 16:15:07
Source Identifier
cvd@cert.pl
KEV Date Added
-