CVE-2023-53934
Published: 18 December 2025
Summary
CVE-2023-53934 is a high-severity Improper Neutralization of Server-Side Includes (SSI) Within a Web Page (CWE-97) vulnerability in Kentico Xperience. Its CVSS base score is 8.7 (High).
Operationally, ranked at the 27.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-204344
Vulnerability details
A denial of service vulnerability in Kentico Xperience allows attackers to launch DoS attacks via specially crafted requests to the GetResource handler. Improper input validation enables remote attackers to potentially disrupt service availability through maliciously constructed requests.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.