Zakaria Amous

Researcher fromSecureworks
#20390of 53,633
12.6Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2018-17770
5.4
2018-03-19
Kentico · Kentico · CVE-2018-6842
**Name of the Vulnerable Software and Affected Versions** Kentico versions prior to 10.0.50 Kentico versions 11.0.0 through 11.0.2 **Description** The issue allows for cross-site scripting (XSS) due to improper construction of a system page when a crafted URL is used. **Recommendations** For Kentico versions prior to 10.0.50, update to version 10.0.50 or later. For Kentico versions 11.0.0 through 11.0.2, update to version 11.0.3 or later.
PT-2018-17771
7.2
2018-03-19
Kentico · Kentico · CVE-2018-6843
**Name of the Vulnerable Software and Affected Versions** Kentico versions prior to 10.0.50 Kentico versions prior to 11.0.3 **Description** The administration interface of Kentico has SQL injection. **Recommendations** For Kentico versions prior to 10.0.50, update to version 10.0.50 or later. For Kentico versions prior to 11.0.3, update to version 11.0.3 or later.