Loading
The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS.This issue affects Kentico Xperience through 13.0.178.
Use CWE-79, Kentico vendor hub and Xperience product page to widen CVE-2025-2748 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-53934, CVE-2025-5591 and CVE-2024-58320 for nearby disclosures in the same product family.