CVE-2022-50681

Name of the Vulnerable Software and Affected Versions Kentico Xperience (affected versions not specified)

Description A reflected cross-site scripting issue exists in Kentico Xperience. This allows attackers to inject malicious scripts through administration input fields within the Rich text editor component. Successful exploitation can lead to the execution of arbitrary scripts in the browsers of users. The vulnerability is triggered by manipulating input in the Rich text editor.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.