CISA description
Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.
CVE-2019-10068
Kentico · Xperience
Kentico Xperience Deserialization of Untrusted Data Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.