Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page.
References
Link | Resource |
---|---|
https://gist.github.com/zamous/c0afd7e21f3111de873c7bef6dcd9dd7 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-03-19 07:29
Updated : 2018-04-12 05:26
NVD link : CVE-2018-6842
Mitre link : CVE-2018-6842
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
kentico
- kentico_cms