Bluesoft

**Name of the Vulnerable Software and Affected Versions** Kentico Xperience (affected versions not specified) **Description** A stored cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious scripts through the configuration of form validation rules. Successful exploitation can lead to the execution of malicious scripts within the context of a user's browser. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kentico Xperience (affected versions not specified) **Description** A stored cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious code into shipping options configuration. Successful exploitation could result in the execution of malicious scripts in users' browsers, potentially leading to sensitive data theft. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kentico Xperience (affected versions not specified) **Description** A stored cross-site scripting issue exists in Kentico Xperience. The issue is related to the Checkbox form component, which allows attackers to inject malicious scripts. Successful exploitation allows the execution of these scripts in the browsers of users. The vulnerability is due to HTML support within the form builder. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.