National Cyber Warfare Foundation (NCWF)

Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)


2025-03-26 17:43:05
milo
Blue Team (CND)

Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS. Both issues carry a CVSS score of 9.8 (Critical) (Warning: Multiple Critical & High...


The post Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747) appeared first on IONIX.


The post Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747) appeared first on Security Boulevard.



Ohad Shushan

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/03/exploited-kentico-xperience-staging-service-authentication-bypass-vulnerabilities-cve-2025-2746-cve-2025-2747/?utm_source=rss&utm_medium=rss&utm_campaign=exploited-kentico-xperience-staging-service-authentication-bypass-vulnerabilities-cve-2025-2746-cve-2025-2747

