Web application abuses : Kentico < 11.0.45 File Upload Vulnerability

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.142266

Categoría: Web application abuses

Título: Kentico < 11.0.45 File Upload Vulnerability

Resumen: Kentico CMS allows unrestricted upload of a file with a dangerous type.

Descripción: Summary:
Kentico CMS allows unrestricted upload of a file with a dangerous type.

Vulnerability Insight:
It is possible for a malicious attacker to upload dangerous file types to
perform attacks such as Cross-Site Scripting (XSS) and Cross-Origin Resource Sharing (CORS) attacks.

Affected Software/OS:
Kentico prior to version 11.0.45.

Solution:
Update to version 11.0.45.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-19453

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.142266
Categoría:	Web application abuses
Título:	Kentico < 11.0.45 File Upload Vulnerability
Resumen:	Kentico CMS allows unrestricted upload of a file with a dangerous type.
Descripción:	Summary: Kentico CMS allows unrestricted upload of a file with a dangerous type. Vulnerability Insight: It is possible for a malicious attacker to upload dangerous file types to perform attacks such as Cross-Site Scripting (XSS) and Cross-Origin Resource Sharing (CORS) attacks. Affected Software/OS: Kentico prior to version 11.0.45. Solution: Update to version 11.0.45. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-19453
Copyright	Copyright (C) 2019 Greenbone Networks GmbH