CVE-2022-50682
BaseFortify
Publication date: 2025-12-18
Last updated on: 2025-12-24
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kentico | xperience | up to and including 13.0.79 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-93 | The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2022-50682 is a CRLF (carriage return / line feed) injection vulnerability in the routing engine of Kentico Xperience, affecting versions up to and including 13.0.79. When the routing engine issued a redirect it did not properly encode the URL query string it placed in the redirect, so an attacker who controls a query parameter that ends up in the redirect target can supply percent-encoded CR/LF characters (%0d%0a). Once decoded, the line break terminates the Location header early and whatever follows is sent as an additional response header: HTTP header injection (CWE-93). Header injection is rarely the end goal by itself; it is a building block for further attacks on the web application, because the attacker now controls part of the response the victim's browser receives. [1]
How can this vulnerability impact me?
An attacker who can get a victim to follow a crafted link can inject headers into the server's redirect response and from there mount further attacks against the application and its users; a controlled header is typically used to set cookies or to send the victim to another location. The CVSS rating reflects a limited impact on confidentiality and integrity rather than a server compromise: the flaw shapes what the victim's browser receives, it does not by itself give the attacker code execution or direct access to data on the server. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Two checks apply. First, a version check: every Kentico Xperience installation on hotfix 13.0.79 or earlier is affected, so compare the installed hotfix number against that. Second, a behavioural check, run only against systems you are authorised to test: send a redirect parameter containing an encoded CR/LF followed by a marker header and see whether the marker comes back as a separate response header. With curl, for example:
curl -v "http://your-kentico-site.com/path?redirect=%0d%0aX-Crlf-Probe:1"
Here redirect stands for whichever query parameter your site passes into a redirect; the real name depends on the page. On a vulnerable server, curl's verbose output shows X-Crlf-Probe: 1 as its own header line after the Location header; on a fixed server the sequence stays percent-encoded inside the Location value. For past activity, search web server logs for query strings containing %0d or %0a (in either letter case) and their double-encoded forms %250d and %250a, particularly on requests that received a 3xx response. Web application scanners that test for header injection or CRLF injection will flag the same behaviour. [1]
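The log search and the probe check described above, as an added example that is not part of the BaseFortify page or of Kentico's own tooling. The log lines and the two HTTP responses are constructed for the demo; the parameter name returnurl, the probe header name X-Crlf-Probe and the hostnames are assumptions, not identifiers taken from the advisory.

```python
import re
from urllib.parse import unquote, urlsplit

# Matches a raw CR/LF, a percent-encoded one (%0d / %0a, either case) or a
# double-encoded one (%250d / %250a). Because unquote() peels one layer at a
# time, checking both the raw and the once-decoded value covers deeper nesting.
CRLF_RE = re.compile(r"[\r\n]|%(?:25)*0[dDaA]")

# Combined log format; only client IP, timestamp, request target and status are used.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>\S+)" (?P<status>\d{3})'
)

# Constructed sample log lines for the demo; not real traffic from any site.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Dec/2025:10:01:02 +0000] "GET /Products?category=shoes HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Dec/2025:10:01:05 +0000] "GET /login?returnurl=%2Fhome%0d%0aSet-Cookie%3Aevil%3D1 HTTP/1.1" 302 0 "-" "curl/8.4.0"
198.51.100.4 - - [18/Dec/2025:10:02:11 +0000] "GET /page?next=%252Fx%250aX-Injected%3A1 HTTP/1.1" 302 0 "-" "python-requests/2.31"
198.51.100.5 - - [18/Dec/2025:10:02:30 +0000] "GET /search?q=shoes%20sale HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
"""


def find_crlf_requests(log_text):
    """Return one record per request whose query string carries an (encoded) CR or LF."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("target")).query
        # Split by hand instead of parse_qsl() so the raw, still-encoded value is kept.
        for part in query.split("&"):
            name, _, value = part.partition("=")
            if CRLF_RE.search(value) or CRLF_RE.search(unquote(value)):
                hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                             "param": name, "status": int(m.group("status"))})
    return hits


def build_probe_url(base_url, param, probe_header="X-Crlf-Probe"):
    """Build the URL to hand to `curl -v`. The parameter name is an assumption:
    substitute whichever parameter your site feeds into a redirect."""
    return f"{base_url}?{param}=%2F%0d%0a{probe_header}%3A1"


def response_has_injected_header(raw_response, probe_header="X-Crlf-Probe"):
    """True if the probe header arrived as its own header line (the CRLF was honoured)
    rather than staying percent-encoded inside the Location value."""
    head = raw_response.split(b"\r\n\r\n", 1)[0]
    header_lines = head.split(b"\r\n")[1:]          # skip the status line
    names = {l.split(b":", 1)[0].strip().lower() for l in header_lines if b":" in l}
    return probe_header.lower().encode() in names


# Constructed responses illustrating both outcomes; not captured from a real server.
VULNERABLE_RESPONSE = (b"HTTP/1.1 302 Found\r\nLocation: /\r\nX-Crlf-Probe: 1\r\n"
                       b"Content-Length: 0\r\n\r\n")
FIXED_RESPONSE = (b"HTTP/1.1 302 Found\r\nLocation: /%0D%0AX-Crlf-Probe%3A1\r\n"
                  b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    for hit in find_crlf_requests(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} param={hit['param']} status={hit['status']}")
    print(build_probe_url("https://your-kentico-site.example/path", "returnurl"))
    print("vulnerable:", response_has_injected_header(VULNERABLE_RESPONSE))
    print("fixed:", response_has_injected_header(FIXED_RESPONSE))
```

The log scan deliberately keeps the raw parameter value: parse_qsl() would decode %250a to %0a and hide the fact that the request was double-encoded, which is itself a signal of deliberate evasion rather than a stray line break.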
What immediate steps should I take to mitigate this vulnerability?
Apply the Kentico hotfix that addresses this issue; every hotfix level up to and including 13.0.79 is affected, so the installation has to be moved past that level (hotfixes are published on Kentico DevNet). Until that is done: validate and sanitise any query string value that feeds a redirect, rejecting raw and percent-encoded CR/LF (including double-encoded forms) and restricting redirect targets to site-relative paths or an allowlist of hosts; watch web traffic for query strings containing %0d or %0a; and add a web application firewall rule that blocks those sequences in request URLs. A WAF rule reduces exposure but does not remove the flaw, so treat it as a stop-gap rather than a substitute for the hotfix. [1]
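The validation and re-encoding step recommended above, shown next to the flawed pattern, as an added example that is not Kentico's code and does not reproduce the actual routing engine. The host allowlist, the decode-pass limit and the fallback target are hypothetical policy choices for the demo.

```python
from urllib.parse import quote, unquote, urlsplit

# Hosts a redirect may leave the site for. Hypothetical policy for the demo.
ALLOWED_HOSTS = frozenset({"www.example.com"})
MAX_DECODE_PASSES = 3


def vulnerable_location(raw_target):
    """The flaw class in one line: the decoded query value is concatenated straight
    into the header, so %0d%0a in the input becomes a real line break."""
    return "Location: " + unquote(raw_target)


def validate_redirect_target(raw_target):
    """Return a Location value that is safe to emit, or raise ValueError."""
    target = raw_target
    # Peel nested percent-encoding a bounded number of times so %250d cannot
    # slip past a check that only looks at the first decoding layer.
    for _ in range(MAX_DECODE_PASSES):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    # Reject control characters BEFORE urlsplit(): recent Python versions silently
    # strip \r, \n and \t from URLs, which would hide the injection from later checks.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        raise ValueError("control character in redirect target")
    if target.startswith("/\\"):
        raise ValueError("backslash protocol-relative target")  # browsers read /\ as //
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        if parts.scheme not in ("http", "https") or parts.hostname not in ALLOWED_HOSTS:
            raise ValueError("redirect to non-allowlisted host")
    elif not target.startswith("/"):
        raise ValueError("relative target must be site-absolute")
    # Re-encode for the header. '%' is deliberately NOT in safe, so any percent
    # sign left after decoding is escaped rather than re-interpreted downstream.
    return quote(target, safe="/?=&#:@!$'()*+,;")


def hardened_location(raw_target, fallback="/"):
    """Build the header the way a redirect should be built: validate, then re-encode."""
    try:
        return "Location: " + validate_redirect_target(raw_target)
    except ValueError:
        return "Location: " + fallback


if __name__ == "__main__":
    payload = "/home%0d%0aSet-Cookie%3Aevil%3D1"
    print(repr(vulnerable_location(payload)))   # two header lines
    print(repr(hardened_location(payload)))     # falls back to "/"
    print(repr(hardened_location("%2Faccount%3Ftab%3D1")))
    print(repr(hardened_location("https://www.example.com/account")))
    print(repr(hardened_location("https://evil.example/x")))
```

Ordering matters here: the control-character check runs on the fully decoded string and before urlsplit(), because urlsplit() in current Python drops CR, LF and tab from its input, and a check placed after it would see a clean URL. Re-encoding with quote() is what actually neutralises CRLF in the emitted header; the allowlist and scheme checks address the related open-redirect risk, which is a separate concern from the encoding flaw.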