Description

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation.

PUBLISHED Reserved 2025-12-05 | Published 2025-12-18 | Updated 2025-12-18 | Assigner VulnCheck




MEDIUM: 6.9 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
HIGH: 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Use of a Broken or Risky Cryptographic Algorithm

Product status

Any version: affected

References

devnet.kentico.com/download/hotfixes (Kentico DevNet Hotfixes) vendor-advisory patch

www.vulncheck.com/...-url-hashing-cryptography-vulnerability (VulnCheck Advisory: Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability) third-party-advisory

cve.org (CVE-2021-47712)

nvd.nist.gov (CVE-2021-47712)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.