Kentico
Security Scorecard
Score
94B
Total CVEs
19
Patch Rate
84%
16 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical0
High5
Medium14
Low0
Patch Status
Patched16 (84%)
Partial/Workaround1 (5%)
Unpatched2 (11%)
CVEs (24)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-5591 | Kentico Xperience 13 Cross-Site Scripting Vulnerability | Medium | 5.4 | - | Patched |
| CVE-2019-25229 | Kentico Xperience MVC Form File Upload Vulnerability | High | 8.8 | - | Patched |
| CVE-2021-47711 | Kentico Xperience Online Marketing Macro SQL Injection | High | 8.8 | - | Patched |
| CVE-2023-53934 | Kentico Xperience GetResource Handler Denial of Service | High | 7.5 | - | Patched |
| CVE-2021-47712 | Kentico Xperience URL Hashing Vulnerability | High | 7.5 | - | Patched |
| CVE-2020-36890 | Kentico Xperience Access Control Bypass | High | 7.2 | 9d | Unpatched |
| CVE-2024-58318 | Kentico Xperience Rich Text Editor Stored XSS | Medium | 5.4 | - | Patched |
| CVE-2024-58319 | Kentico Xperience Pages Dashboard Widget Reflected XSS | Medium | 5.4 | - | Patched |
| CVE-2024-58317 | Kentico Xperience Cookie Security Configuration Vulnerability | Medium | 5.3 | - | Patched |
| CVE-2024-58320 | Kentico Xperience Authentication Information Disclosure | Medium | 5.3 | - | Patched |