CVE-2020-36890
EUVD-2025-20436418.12.2025, 20:15
An access control bypass vulnerability in Kentico Xperience allows administrators to modify global administrator user privileges via unauthorized requests. Attackers could potentially compromise global administrator accounts and invalidate security-sensitive macros by manipulating user privilege levels.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| kentico | xperience | 𝑥 ≤ 12.0.60 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration