Authentication Bypass Vulnerability in Kentico Xperience from Kentico
CVE-2025-2746
Currently unrated
What is CVE-2025-2746?
An authentication bypass vulnerability in Kentico Xperience enables unauthorized access through flaws in handling empty SHA1 usernames during digest authentication. This weakness allows attackers to potentially gain control over administrative objects, impacting the overall security of systems utilizing Xperience up to version 13.0.172. Ensuring correct authentication practices and updating to the latest versions can mitigate the risks associated with this vulnerability.