← ExploitWatch
HomeExploited Vulnerabilities

CVE-2019-10068 — Actively Exploited: Xperience (Kentico)

Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.

CVE IDCVE-2019-10068
VendorKentico
ProductXperience
Vulnerability nameKentico Xperience Deserialization of Untrusted Data Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionKentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →