CVE-2021-47712

HIGH

7.5

CVSS Severity Score

EPSS Score0.1560%

EPSS Percentile17.46th

PublishedDec 18, 2025

Last ModifiedDec 24, 2025

Vulnerability Description

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.

Affected Platforms (CPE)

📦

Kentico

Xperience

<= 12.0.102

References & Advisories

🔗 https://devnet.kentico.com/download/hotfixes

🔗 https://www.vulncheck.com/advisories/kentico-xperience-url-hashing-cryptography-vulnerability

Related Vulnerabilities

CVE-2025-27499.1

Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload a...

CVE-2021-477118.8

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketi...

CVE-2019-252298.8

An unrestricted file upload vulnerability in Kentico Xperience allows authenticated users with 'Read data' permissions to upload a...

CVE-2020-368907.2

An access control bypass vulnerability in Kentico Xperience allows administrators to modify global administrator user privileges v...