Kentico · Kentico · CVE-2018-6842
**Name of the Vulnerable Software and Affected Versions**
Kentico versions prior to 10.0.50
Kentico versions 11.0.0 through 11.0.2
**Description**
The issue allows for cross-site scripting (XSS) due to improper construction of a system page when a crafted URL is used.
**Recommendations**
For Kentico versions prior to 10.0.50, update to version 10.0.50 or later.
For Kentico versions 11.0.0 through 11.0.2, update to version 11.0.3 or later.