CVE-2025-2748

Published: 2025-03-24T19:15Z

Last Modified: 2025-03-24T19:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt