URL has been copied successfully!
Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 CVE-2025-2747)
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 CVE-2025-2747)


Tags: , , , , , , ,

Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS. Both issues carry a CVSS score of 9.8 (Critical) (Warning: Multiple Critical & High…

First seen on securityboulevard.com

Jump to article: securityboulevard.com/2025/03/exploited-kentico-xperience-staging-service-authentication-bypass-vulnerabilities-cve-2025-2746-cve-2025-2747/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. The 2024 cyberwar playbook: Tricks used by nation-state actors
  2. Fortinet confirms zero-day flaw used in attacks against its firewalls
  3. CISA warns of critical, high-risk flaws in ICS products from four vendors
  4. Cisco’s ISE bugs could allow root-level command execution