H3-2025-0026

Kentico Xperience Staging Service Authentication Bypass WT-2025-0006 Vulnerability

Category VULNERABILITY
Base Score 9.8

Description

An authentication bypass vulnerability exists in the Kentico Xperience Staging Service due to improper handling of authentication tokens in its WSE3-based (WS-Security UsernameToken) authentication mechanism. An unauthenticated attacker can exploit this flaw to bypass authentication and obtain administrative access to the Staging API without presenting valid credentials.
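The Staging Service authenticates SOAP requests with a WSE3 UsernameToken. The following is an added illustration, written for this advisory and not Kentico's code, of how a UsernameToken validator should treat the token fail-closed: it implements only the standard PasswordDigest form (Base64(SHA1(nonce + created + password))), rejects any token whose Password element is missing or carries a Type it does not implement instead of skipping the check, bounds the Created timestamp, and refuses nonce replay. The advisory does not describe the exact token-handling defect, so this code does not reproduce it; the credential store, the `Ping` body element and the sample envelopes are constructed for the example.

```python
import base64
import binascii
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Standard WS-Security 1.0 namespaces and the PasswordDigest type URI.
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DIGEST_TYPE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"

# Hypothetical credential store (constructed for the example). A real service would
# keep a digest-capable secret, not a plaintext password.
USERS = {"admin": "S3cret!"}
MAX_SKEW = timedelta(minutes=5)


def password_digest(nonce_b64: str, created: str, password: str) -> str:
    """PasswordDigest as defined by the UsernameToken profile: Base64(SHA1(nonce || created || password))."""
    nonce = base64.b64decode(nonce_b64, validate=True)
    return base64.b64encode(hashlib.sha1(nonce + created.encode() + password.encode()).digest()).decode()


def build_envelope(username, password, *, created=None, nonce=None,
                   password_type=DIGEST_TYPE, include_password=True) -> str:
    """Client side: build a SOAP envelope carrying a UsernameToken (the <Ping/> body is a placeholder)."""
    created = created or datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    nonce = nonce or base64.b64encode(secrets.token_bytes(16)).decode()
    password_el = ""
    if include_password:
        value = password_digest(nonce, created, password) if password_type == DIGEST_TYPE else password
        type_attr = f' Type="{password_type}"' if password_type else ""
        password_el = f"<wsse:Password{type_attr}>{value}</wsse:Password>"
    return f"""<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">
  <soap:Header><wsse:Security><wsse:UsernameToken>
    <wsse:Username>{username}</wsse:Username>
    {password_el}
    <wsse:Nonce>{nonce}</wsse:Nonce>
    <wsu:Created>{created}</wsu:Created>
  </wsse:UsernameToken></wsse:Security></soap:Header>
  <soap:Body><Ping/></soap:Body>
</soap:Envelope>"""


def validate(envelope_xml: str, seen_nonces: set, now=None):
    """Server side: return (accepted, reason). Every unexpected shape of the token is a rejection."""
    now = now or datetime.now(timezone.utc)
    token = ET.fromstring(envelope_xml).find(f".//{{{WSSE}}}UsernameToken")
    if token is None:
        return False, "no UsernameToken"
    username = token.findtext(f"{{{WSSE}}}Username") or ""
    password_el = token.find(f"{{{WSSE}}}Password")
    nonce_b64 = token.findtext(f"{{{WSSE}}}Nonce")
    created = token.findtext(f"{{{WSU}}}Created")
    # Fail closed: a missing Password element, or any Type other than the one
    # implemented here (including no Type at all), must not be treated as "nothing to verify".
    if password_el is None or password_el.get("Type") != DIGEST_TYPE:
        return False, "missing or unsupported Password type"
    if not nonce_b64 or not created:
        return False, "missing Nonce or Created"
    try:
        created_dt = datetime.fromisoformat(created.replace("Z", "+00:00"))
    except ValueError:
        return False, "malformed Created"
    if abs(now - created_dt) > MAX_SKEW:
        return False, "Created outside allowed window"
    if nonce_b64 in seen_nonces:
        return False, "nonce replayed"
    try:
        expected = password_digest(nonce_b64, created, USERS.get(username, ""))
    except (binascii.Error, ValueError):
        return False, "malformed Nonce"
    # Constant-time comparison; unknown users take the same path with a dummy digest.
    if not (hmac.compare_digest(expected, password_el.text or "") and username in USERS):
        return False, "bad credentials"
    seen_nonces.add(nonce_b64)
    return True, "ok"


if __name__ == "__main__":
    seen = set()
    good = build_envelope("admin", "S3cret!")
    print(validate(good, seen))                                                  # accepted
    print(validate(good, seen))                                                  # replay rejected
    print(validate(build_envelope("admin", "S3cret!", include_password=False), seen))
    print(validate(build_envelope("admin", "S3cret!", password_type=None), seen))
```

The property to check in any UsernameToken handler is the one in the middle of `validate`: the branch that decides whether to verify the password must be an allow-list of the types the service actually implements, so that an absent or unrecognized Type ends in a rejection rather than a silent skip.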

Impact

Remote unauthenticated attackers can exploit this vulnerability to gain administrative access to the Kentico Xperience Staging API. This allows them to execute privileged API actions such as modifying CMS content and exfiltrating sensitive data, and in some cases to chain the flaw with additional vulnerabilities to achieve remote code execution (RCE).

References