CVE-2023-53934

Summary

A denial of service vulnerability in Kentico Xperience allows attackers to launch DoS attacks via specially crafted requests to the GetResource handler. Improper input validation enables remote attackers to potentially disrupt service availability through maliciously constructed requests.

Affected Software

VendorProductVersion RangeStatus
KenticoXperience0 <= 12.0.98affected

Weaknesses

  • CWE-97: Improper Neutralization of Server-Side Includes (SSI) Within a Web Page

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References