Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Kentico Subscribe
Filtered by product Kentico

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32387 1 Kentico 1 Kentico 2022-07-25 N/A 7.5 HIGH
In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.
CVE-2019-6242 1 Kentico 1 Kentico 2020-08-24 4.0 MEDIUM 7.2 HIGH
** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vulnerability. The vendor plans to fix it at a future time.