Cross Site Scripting Vulnerability in Kentico by Kentico Software
CVE-2020-24794
6.1MEDIUM
What is CVE-2020-24794?
A Cross Site Scripting (XSS) vulnerability exists in Kentico prior to version 12.0.75, which could allow an attacker to inject malicious scripts into web pages viewed by other users. By exploiting this vulnerability, unauthorized users could potentially compromise user sessions, conduct phishing attacks, or spread malware, emphasizing the importance of patching affected systems promptly.