2025-12-18 19:53:37
VulnCheck
PUBLISHED
A cookie security configuration vulnerability in Kentico Xperience allows attackers to bypass SSL requirements when setting administration cookies via web.config. The vulnerability affects .NET Framework projects by incorrectly handling the requireSSL attribute, potentially compromising session security and authentication state.