Security advisory 2026-05-28

Unbounded file write through content sync

CVSS: 7
Affected versions: 22.0.0 - 31.5.0
Category: Path Traversal (Arbitrary File Write)

Summary

A security issue was identified in the handling of temporary asset files during content synchronization. Insufficient validation of the asset file path allowed files to be written outside the intended temporary directory, which could compromise the integrity and availability of the application.

The issue has been addressed by enforcing directory boundary checks and validating asset file extensions.

Exploitation is only possible when content sync is enabled, the instance is configured as a target, and the attacker has a valid authentication token.
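The two checks named in the fix, a directory boundary check and asset extension validation, shown side by side with the vulnerable shape they replace. This is an added C# illustration written for this page, not code from Xperience by Kentico; the class name TempAssetPath, the extension allow-list, the sample asset names and the .NET 8 target are assumptions for the example, and the advisory does not state how Xperience implements its checks.

```csharp
using System;
using System.IO;
using System.Linq;

// Added example, not code from Xperience by Kentico. The class name, the
// allow-list and the sample names are assumptions for illustration only.
public static class TempAssetPath
{
    // Hypothetical allow-list of asset extensions; the advisory does not say
    // which extensions Xperience accepts.
    private static readonly string[] AllowedExtensions =
        { ".png", ".jpg", ".jpeg", ".gif", ".webp", ".svg", ".pdf" };

    // Vulnerable shape: the asset name from the sync payload is trusted as-is.
    // Path.Combine keeps ".." segments and, when the second argument is rooted,
    // returns it unchanged, so a name such as "../../web.config" or an absolute
    // path resolves to a location outside tempDir.
    public static string VulnerableResolve(string tempDir, string assetName)
    {
        return Path.Combine(tempDir, assetName);
    }

    // Hardened shape: canonicalise first, then apply the boundary check and the
    // extension check to the canonical result rather than to the raw input.
    public static bool TryResolveSafe(string tempDir, string assetName, out string fullPath)
    {
        fullPath = string.Empty;
        if (string.IsNullOrWhiteSpace(assetName))
            return false;

        string baseDir;
        string candidate;
        try
        {
            // Canonical base directory with a trailing separator, so that a sibling
            // such as "...\assets-evil" cannot pass a prefix check for "...\assets".
            baseDir = Path.GetFullPath(tempDir);
            if (!baseDir.EndsWith(Path.DirectorySeparatorChar))
                baseDir += Path.DirectorySeparatorChar;

            // GetFullPath collapses "." and ".." and turns a rooted assetName into
            // an absolute path; either way the result is compared against baseDir.
            candidate = Path.GetFullPath(Path.Combine(baseDir, assetName));
        }
        catch (ArgumentException)
        {
            // Embedded NUL or otherwise invalid path: treat as a rejection, not a crash.
            return false;
        }

        // Boundary check on the canonical string. Windows paths are case-insensitive,
        // most other file systems are not.
        StringComparison cmp = OperatingSystem.IsWindows()
            ? StringComparison.OrdinalIgnoreCase
            : StringComparison.Ordinal;
        if (!candidate.StartsWith(baseDir, cmp))
            return false;

        // Require a single file directly inside tempDir: no empty remainder and no
        // further directory component after the base.
        string remainder = candidate.Substring(baseDir.Length);
        if (remainder.Length == 0
            || remainder.IndexOf(Path.DirectorySeparatorChar) >= 0
            || remainder.IndexOf(Path.AltDirectorySeparatorChar) >= 0)
            return false;

        // Extension allow-list, evaluated on the canonical file name.
        string ext = Path.GetExtension(remainder);
        if (!AllowedExtensions.Contains(ext, StringComparer.OrdinalIgnoreCase))
            return false;

        fullPath = candidate;
        return true;
    }

    // Constructed sample inputs exercising the cases the checks are meant to catch.
    public static void Main()
    {
        string tempDir = Path.Combine(Path.GetTempPath(), "contentsync-assets");
        string[] samples =
        {
            "logo.png",               // plain asset name with an allowed extension
            "../../web.config",       // upward traversal
            "logo.png/../../x.dll",   // traversal hidden behind an allowed-looking name
            "plugin.dll",             // extension outside the allow-list
            "/etc/passwd",            // rooted name, ignores the base in Path.Combine
        };

        foreach (string name in samples)
        {
            string naive = VulnerableResolve(tempDir, name);
            bool ok = TryResolveSafe(tempDir, name, out string safe);
            Console.WriteLine($"{name,-24} naive={naive}  safe={(ok ? safe : "REJECTED")}");
        }
    }
}
```

Of the constructed samples, only "logo.png" passes TryResolveSafe; the traversal and rooted names fail the boundary check and "plugin.dll" fails the extension check, while VulnerableResolve returns a path outside tempDir for the traversal and rooted names. Two caveats for anyone porting this: the boundary check runs on the canonical string, not on the file system, so if tempDir or a component under it can be a symbolic link or junction, resolve it (for example with FileSystemInfo.ResolveLinkTarget on .NET 6 and later) before comparing; and the extension check limits what lands in the directory but does not by itself prevent an attacker with a valid token from overwriting an existing temporary file of an allowed type, so a per-sync subdirectory or an exclusive create mode is still worth considering.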

How to fix

Update to the latest version. See Update Xperience by Kentico projects for detailed instructions.

Acknowledgments

This issue was reported by Ethan Pike.