CNNVD-202512-3375 Information
Dec 18, 2025
cve
CNNVD ID
CNNVD-202512-3375
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
Kentico Xperience是Kentico公司的一个数字体验平台。 Kentico Xperience存在安全漏洞,该漏洞源于cookie安全配置不当,可能导致会话安全和身份验证状态受损。
Description (English)
Kentico Xperience is a digital experience platform for Kentico. There is a security loophole in Kentico Xperience, which stems from the inappropriate security configuration of Cookie, which could lead to damage to the security of the conversation and the identification status.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Kentico
Published
2025-12-18
Last Modified
2026-02-24
References
https://devnet.kentico.com/download/hotfixes https://www.vulncheck.com/advisories/kentico-xperience-cookie-security-configuration
Patch
https://devnet.kentico.com/download/hotfixes
Share on: