PT-2025-52300 · Kentico · Kentico Xperience

Published: 2025-12-18 · Updated: 2025-12-19 · CVE-2021-47711

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified)

Description: A SQL injection issue exists in Kentico Xperience, potentially allowing authenticated editors to inject malicious SQL queries through online marketing macro method parameters. This is due to weaknesses in input validation for macro method inputs. Successful exploitation could lead to unauthorized database access and data manipulation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2021-47711

Affected Products: Kentico Xperience