CVE-2025-32370

HIGH

Kentico Xperience < 13.0.178 - Unauthenticated Arbitrary File Write via ZIP Upload Handler

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-32370, a PoC published by Alex Messham.

AI-analyzed exploit summary: This exploit demonstrates an unauthenticated ZIP file upload vulnerability in Kentico Xperience, embedding an SVG with an XSS payload. The script automates the creation, zipping, and upload of the malicious file.

Description

Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions for unauthenticated uploads; however, because .zip is processed through TryZipProviderSafe, there is additional functionality to create files with other extensions. NOTE: this is a separate issue not necessarily related to SVG or XSS.

Exploits (1)

exploitdb WORKING POC
by Alex Messham · python · webapps · multiple
https://www.exploit-db.com/exploits/52290


Classification: Working PoC (95%)
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Kentico Xperience before 13.0.178
Authentication: none needed
Prerequisites: Network access to the target upload endpoint
Analyzed by devstral-2 on Feb 16, 2026

Scores

CVSS v3: 7.2
EPSS: 0.0134
EPSS Percentile: 67.6%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-912, CWE-434
Status: published
Products (1): kentico/xperience < 13.0.178
Published: Apr 06, 2025
Tracked Since: Feb 18, 2026