THREATOPS
THREAT OPSCVEs › CVE-2025-2749

CVE-2025-2749 — Kentico Xperience Path Traversal Vulnerability

CISA KEVExploited: confirmedKentico

Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.

Vulnerability details

Related reporting