Kentico Xperience Stored Cross-Site Scripting Vulnerability via Media Library File Upload

Vulnerability

A stored cross-site scripting vulnerability has been identified in Kentico Xperience versions prior to 13.0.181. The issue allows an authenticated user to upload malicious content through the media library file upload feature, and that content is later executed as script when the file is viewed. The vulnerability arises from improper handling of file uploads, specifically of SVG files, which can contain executable script.

Impact

Exploitation of this vulnerability results in stored cross-site scripting: uploaded SVG files are executed as script when they are accessed.

Reproduction

To reproduce this vulnerability, upload a ZIP file containing a malicious SVG file to the media library using the 'MultiFileUploader.ashx' endpoint. Ensure that the uploaded file is in a temporary directory within the webroot. After uploading, use the 'GetResource.ashx' endpoint to fetch the SVG file, triggering the execution of the embedded script.

Remediation

Users should update to Kentico Xperience version 13.0.181 or later, where this vulnerability has been patched.
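As an added, defender-side example (not part of this advisory and not Kentico's code), the following stdlib-only Python 3.9+ script scans an upload, either a bare SVG or the SVG entries of a ZIP archive, for the active-content markers that make an SVG behave as script when rendered: script elements, on* event handlers, javascript: URLs and foreignObject. The function names and the sample files are constructed for this example; it can be run over a media library directory to audit existing content or placed in front of an import step.

```python
import io
import zipfile
from xml.etree import ElementTree as ET

def svg_active_content(data: bytes) -> list[str]:
    """List the active-content markers in an SVG (script elements, on* event
    handlers, javascript: URLs, foreignObject); an empty list means none found."""
    findings = []
    try:
        root = ET.fromstring(data)  # on untrusted input, prefer defusedxml.fromstring
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    for el in root.iter():
        tag = el.tag.split("}")[-1].lower()  # strip the XML namespace prefix
        if tag in ("script", "foreignobject"):
            findings.append(f"<{tag}> element")
        for name, value in el.attrib.items():
            local = name.split("}")[-1].lower()
            if local.startswith("on"):
                findings.append(f"{local} event attribute on <{tag}>")
            elif value.lstrip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL in {local} on <{tag}>")
    return findings

def scan_upload(filename: str, data: bytes) -> dict[str, list[str]]:
    """Map every SVG in an upload (a bare .svg or each .svg entry of a ZIP) to its findings."""
    results = {}
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.filename.lower().endswith(".svg"):
                    results[f"{filename}:{info.filename}"] = svg_active_content(zf.read(info))
    elif filename.lower().endswith(".svg"):
        results[filename] = svg_active_content(data)
    return results

def build_zip(entries: dict[str, bytes]) -> bytes:
    """Constructed helper: pack sample files into an in-memory ZIP for testing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

# Constructed samples: a clean SVG and two carrying inert active-content markers.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>'
SCRIPT_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* marker */</script></svg>'
HANDLER_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><a href="javascript:void 0"><rect onclick="0"/></a></svg>'
```

A flagged file should be rejected or served only with a Content-Disposition: attachment header rather than rendered inline; extension checks alone do not help, since the page's ZIP path carries the SVG inside the archive.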

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

Metric          Score
spread            3.4
impact           10.0
exploitability    7.8
remediation       7.7
relevance         0.0
threat            6.4
urgency           2.9
incentive         1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.