CVE-2025-2748

Description

The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178.

References

https://devnet.kentico.com/download/hotfixes

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3