Loading
Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the (2) CMSBodyClass cookie variable to the default URI.
Use CWE-79, Kentico vendor hub and Kentico Cms product page to widen CVE-2015-7822 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-27581 and CVE-2015-7823 for nearby disclosures in the same product family.