CVE-2021-47712
HIGHDescription
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.
Is your site exposed to CVE-2021-47712?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| kentico | xperience |
References
Frequently Asked Questions
What is CVE-2021-47712? +
How severe is CVE-2021-47712? +
What products are affected by CVE-2021-47712? +
How do I check if I'm vulnerable to CVE-2021-47712? +
Related Vulnerabilities
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in …
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used …
Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the …
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows …
Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to …
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key …