PT-2025-52294 · Kentico · Xperience

Published: 2025-12-18 · Updated: 2025-12-18 · CVE-2019-25228

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Kentico Xperience (affected versions not specified)

Description

An information disclosure issue allows the leakage of virtual context URLs through the HTTP Referer header. This occurs when users interact with third-party domains, potentially exposing sensitive virtual context information to external domains during link and image loading or through page builder interactions.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2019-25228

Affected Products

Xperience