THREAT OPS › CVEs › CVE-2025-2749
CVE-2025-2749 — Kentico Xperience Path Traversal Vulnerability
Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.
Vulnerability details
- Affected productsKentico Xperience
- KEV remediation due2026-05-04
Related reporting
- April 2026 CVE Landscaperecordedfuture