CNNVD-202512-3392 Information

CNNVD ID

CNNVD-202512-3392

Related CVE

CVE-2022-50684

• CNNVD Published: 2025-12-18

Description (Chinese)

Kentico Xperience是Kentico公司的一个数字体验平台。 Kentico Xperience存在跨站脚本漏洞，该漏洞源于未编码的表单字段可能被注入恶意HTML值，导致HTML注入攻击。

Description (English)

Kentico Xperience is a digital experience platform for Kentico. Kentico Xperience has a cross-site script loophole, which stems from the fact that uncoded table fields may be injected into malicious HTML values, leading to HTML injection attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Kentico

Published

2025-12-18

Last Modified

2026-02-24

References

https://devnet.kentico.com/download/hotfixes https://www.vulncheck.com/advisories/kentico-xperience-form-emails-html-injection

Patch

https://devnet.kentico.com/download/hotfixes