CNNVD-202512-3397 Information

CNNVD ID

CNNVD-202512-3397

Related CVE

CVE-2021-47712

• CNNVD Published: 2025-12-18

Description (Chinese)

Kentico Xperience是Kentico公司的一个数字体验平台。 Kentico Xperience存在加密问题漏洞，该漏洞源于现有哈希机制可能被操纵，导致URL哈希值被篡改。

Description (English)

Kentico Xperience is a digital experience platform for Kentico. Kentico Xperience has a encryption loophole, which stems from the possible manipulation of the existing Hashi mechanism, leading to the tampering of the URL Hashi values.

Hazard Level

Medium

Vulnerability Type

加密问题

Affected Vendor

Kentico

Published

2025-12-18

Last Modified

2026-02-24

References

https://devnet.kentico.com/download/hotfixes https://www.vulncheck.com/advisories/kentico-xperience-url-hashing-cryptography-vulnerability

Patch

https://devnet.kentico.com/download/hotfixes