Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
82 vulnerabilities by sitecore
CVE-2025-53692 (GCVE-0-2025-53692)
Vulnerability from nvd – Published: 2025-09-21 19:42 – Updated: 2025-09-22 17:27
VLAI
EPSS
VEX
Title
Sitecore Experience Platform Cross-Site Scripting Vulnerability
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.2 , ≤ 10.4
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
9.2 , ≤ 10.4
(semver)
|
Date Public
2025-09-21 19:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T17:27:03.884556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T17:27:11.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-21T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-21T19:42:46.643Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003734"
},
{
"url": "https://labs.watchtowr.com/disclosed-vulnerabilities/"
},
{
"url": "https://chudypb.github.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore Experience Platform Cross-Site Scripting Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53692",
"datePublished": "2025-09-21T19:42:46.643Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-22T17:27:11.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53690 (GCVE-0-2025-53690)
Vulnerability from nvd – Published: 2025-09-03 20:04 – Updated: 2026-02-26 17:49Title
Sitecore Products ViewState Deserialization Vulnerability
Summary
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.
Severity
9 (Critical)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
0 , ≤ 9.0
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
0 , ≤ 9.0
(semver)
|
Date Public
2025-09-03 18:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53690",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T03:55:32.553435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-09-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-53690"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:44.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-53690"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-04T00:00:00.000Z",
"value": "CVE-2025-53690 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eCustomers who followed the deployment instructions provided with XP 9.0 or earlier and Active Directory 1.4 or earlier and used the sample machine key (for example, machine key: BDDFE367CD..., validation key: 0DAC68D020...) are vulnerable.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Customers who followed the deployment instructions provided with XP 9.0 or earlier and Active Directory 1.4 or earlier and used the sample machine key (for example, machine key: BDDFE367CD..., validation key: 0DAC68D020...) are vulnerable."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mandiant Threat Defense"
}
],
"datePublic": "2025-09-03T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.\u003cp\u003eThis issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T20:04:48.223Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003865"
}
],
"source": {
"discovery": "USER"
},
"title": "Sitecore Products ViewState Deserialization Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53690",
"datePublished": "2025-09-03T20:04:48.223Z",
"dateReserved": "2025-07-08T14:21:02.028Z",
"dateUpdated": "2026-02-26T17:49:44.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53694 (GCVE-0-2025-53694)
Vulnerability from nvd – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:57
VLAI
EPSS
VEX
Title
Information Disclosure in ItemServices API
Summary
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.2 , ≤ 10.4
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
9.2 , ≤ 10.4
(semver)
|
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53694",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:57:48.453027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:57:58.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:37.520Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003734"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Information Disclosure in ItemServices API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53694",
"datePublished": "2025-09-03T12:36:37.520Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:57:58.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53693 (GCVE-0-2025-53693)
Vulnerability from nvd – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:53
VLAI
EPSS
VEX
Title
HTML Cache Poisoning through Unsafe Reflections
Summary
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
|
| Sitecore | Experience Platform (XP) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53693",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:49:59.488662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:53:40.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.\u003c/p\u003e"
}
],
"value": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-141",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-141 Cache Poisoning"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:53.745Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HTML Cache Poisoning through Unsafe Reflections",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53693",
"datePublished": "2025-09-03T12:36:53.745Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:53:40.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53691 (GCVE-0-2025-53691)
Vulnerability from nvd – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:49
VLAI
EPSS
VEX
Title
Sitecore Experience Remote Code Execution through Insecure Deserialization
Summary
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
|
| Sitecore | Experience Platform (XP) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53691",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:49:10.233307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:49:39.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).\u003cp\u003eThis issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:59.561Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore Experience Remote Code Execution through Insecure Deserialization",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53691",
"datePublished": "2025-09-03T12:36:59.561Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:49:39.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34139 (GCVE-0-2025-34139)
Vulnerability from nvd – Published: 2025-07-25 15:54 – Updated: 2025-11-19 01:28
VLAI
EPSS
VEX
Title
Sitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File Read
Summary
A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files. This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xm-… | third-party-advisory |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Experience Commerce (XC) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Managed Cloud |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T18:20:58.705145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T18:21:11.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce (XC)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Sitecore\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Manager (XM),\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Platform (XP),\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Commerce (XC), and\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eManaged Cloud that could allow an unauthenticated attacker to read arbitrary files\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003e.\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003e\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eThis vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability exists in Sitecore\u00a0Experience Manager (XM),\u00a0Experience Platform (XP),\u00a0Experience Commerce (XC), and\u00a0Managed Cloud that could allow an unauthenticated attacker to read arbitrary files.\u00a0This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:28:37.079Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003650"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003661"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xm-xp-xc-managed-cloud-arbitrary-file-read"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File Read",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34139",
"datePublished": "2025-07-25T15:54:25.297Z",
"dateReserved": "2025-04-15T19:15:22.563Z",
"dateUpdated": "2025-11-19T01:28:37.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4979 (GCVE-0-2022-4979)
Vulnerability from nvd – Published: 2025-07-25 15:55 – Updated: 2026-03-23 15:43
VLAI
EPSS
VEX
Title
Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS
Summary
A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xp-… | third-party-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Platform |
Affected:
7.5 Initial Release , ≤ 7.5 Update-2
(custom)
Affected: 8.0 Initial Release , ≤ 8.0 Update-7 (custom) Affected: 8.1 Initial Release , ≤ 8.1 Update-3 (custom) Affected: 8.2 Initial Release , ≤ 8.2 Update-7 (custom) Affected: 9.0 Initial Release , ≤ 9.0 Update-2 (custom) Affected: 9.1 Initial Release , ≤ 9.1 Update 1 (custom) Affected: 9.2 Initial Release Affected: 9.3 Initial Release Affected: 10.0 Initial Release , ≤ 10.0 Update-3 (custom) Affected: 10.1 Initial Release , ≤ 10.1 Update-2 (custom) Affected: 10.2 Initial Release |
|
| Sitecore | Content Mangement System (CMS) |
Affected:
7.2 Initial Release , ≤ 7.2 Update-6
(custom)
|
|
| Sitecore | Managed Cloud |
Affected:
*
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:39:41.562664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:43:58.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.5 Update-2",
"status": "affected",
"version": "7.5 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.0 Update-7",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1 Update-3",
"status": "affected",
"version": "8.1 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2 Update-7",
"status": "affected",
"version": "8.2 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0 Update-2",
"status": "affected",
"version": "9.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.1 Update 1",
"status": "affected",
"version": "9.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.2 Initial Release"
},
{
"status": "affected",
"version": "9.3 Initial Release"
},
{
"lessThanOrEqual": "10.0 Update-3",
"status": "affected",
"version": "10.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1 Update-2",
"status": "affected",
"version": "10.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.2 Initial Release"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Mangement System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.2 Update-6",
"status": "affected",
"version": "7.2 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:7.5:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update1",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.2:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.2:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:7.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update6",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow \u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eauthenticated Sitecore Shell users to be tricked into executing custom JS code\u003c/span\u003e. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.\u003c/p\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:43:29.702Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001489"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001539"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-managed-cloud-xss"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-4979",
"datePublished": "2025-07-25T15:55:36.039Z",
"dateReserved": "2025-07-24T15:19:26.600Z",
"dateUpdated": "2026-03-23T15:43:29.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2015-10142 (GCVE-0-2015-10142)
Vulnerability from nvd – Published: 2025-07-25 15:55 – Updated: 2026-05-15 11:14
VLAI
EPSS
VEX
Title
Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path
Summary
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to 7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL. Affected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xp-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Platform (XP) |
Affected:
0 , < 8.0 Initial Release (rev. 141212)
(custom)
|
|
| Sitecore | Content Management System (CMS) |
Affected:
0 , < 7.2 Update-3 (rev. 141226)
(custom)
Affected: 0 , < 7.5 Update-1 (rev. 150130) (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2015-10142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:59:28.214075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:59:33.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "8.0 Initial Release (rev. 141212)",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Management System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "7.2 Update-3 (rev. 141226)",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.5 Update-1 (rev. 150130)",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to\u0026nbsp;7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL.\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eAffected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to\u00a07.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL.\u00a0Affected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T11:14:25.020Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB0816762"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002377"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-file-read-via-known-path"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP \u003c 8.0 and CMS \u003c 7.2 and \u003c 7.5 File Read via Known Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2015-10142",
"datePublished": "2025-07-25T15:55:07.308Z",
"dateReserved": "2025-07-24T13:58:09.937Z",
"dateUpdated": "2026-05-15T11:14:25.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34138 (GCVE-0-2025-34138)
Vulnerability from nvd – Published: 2025-07-25 15:54 – Updated: 2025-12-04 16:22
VLAI
EPSS
VEX
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of CVE-2025-53692 and CVE-2025-53694.
Replaced by CVE-2025-53692
Replaced by CVE-2025-53694
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2025-12-04T16:22:54.196Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"rejectedReasons": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of\u0026nbsp;CVE-2025-53692 and\u0026nbsp;CVE-2025-53694."
}
],
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of\u00a0CVE-2025-53692 and\u00a0CVE-2025-53694."
}
],
"replacedBy": [
"CVE-2025-53692",
"CVE-2025-53694"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34138",
"datePublished": "2025-07-25T15:54:47.306Z",
"dateRejected": "2025-12-04T16:22:54.196Z",
"dateReserved": "2025-04-15T19:15:22.562Z",
"dateUpdated": "2025-12-04T16:22:54.196Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36850 (GCVE-0-2020-36850)
Vulnerability from nvd – Published: 2025-07-25 15:54 – Updated: 2026-03-05 12:02
VLAI
EPSS
VEX
Title
Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure
Summary
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-jss… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | JSS React Sample Application |
Affected:
11.0.0 , ≤ 14.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T18:22:38.866101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T18:22:43.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JSS React Sample Application",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "14.0.1",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:sitecore.net:*:*:*:*:*:*:*:*",
"versionEndIncluding": "14.0.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user."
}
],
"value": "An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user."
}
],
"impacts": [
{
"capecId": "CAPEC-124",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-124 Shared Resource Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T12:02:21.538Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB0750906"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001612"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-jss-react-sample-application-info-disc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36850",
"datePublished": "2025-07-25T15:54:04.348Z",
"dateReserved": "2025-07-24T15:11:08.166Z",
"dateUpdated": "2026-03-05T12:02:21.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34511 (GCVE-0-2025-34511)
Vulnerability from nvd – Published: 2025-06-17 19:05 – Updated: 2026-02-26 17:50
VLAI
EPSS
VEX
Title
Sitecore PowerShell Extension RCE via Unrestricted Upload
Summary
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Powershell Extension |
Affected:
0 , ≤ 7.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34511",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:11.522059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:30.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Powershell Extension",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.0",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution."
}
],
"value": "Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T15:31:41.382Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore PowerShell Extension RCE via Unrestricted Upload",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34511",
"datePublished": "2025-06-17T19:05:10.466Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:30.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34510 (GCVE-0-2025-34510)
Vulnerability from nvd – Published: 2025-06-17 18:46 – Updated: 2026-02-26 17:50
VLAI
EPSS
VEX
Title
Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip
Summary
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
|
| Sitecore | Experience Platform |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
|
| Sitecore | Experience Commerce |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34510",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:12.568004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.002Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:24:03.216Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apply the vendor provided hotpatch."
}
],
"value": "Apply the vendor provided hotpatch."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34510",
"datePublished": "2025-06-17T18:46:04.239Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:31.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34509 (GCVE-0-2025-34509)
Vulnerability from nvd – Published: 2025-06-17 18:20 – Updated: 2026-02-26 17:50Title
Sitecore XM and XP Hardcoded Credentials
Summary
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
|
| Sitecore | Experience Platform |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34509",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:10.468989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-27T16:47:40.562Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to patched versions."
}
],
"value": "Update to patched versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM and XP Hardcoded Credentials",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34509",
"datePublished": "2025-06-17T18:20:57.441Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:31.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-46938 (GCVE-0-2024-46938)
Vulnerability from nvd – Published: 2024-09-15 00:00 – Updated: 2024-09-17 15:06Summary
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| sitecore | experience_platform |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:* |
|
| sitecore | experience_manager |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:* |
|
| sitecore | experience_commerce |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_platform",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_manager",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_commerce",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-46938",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T15:03:29.479669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T15:06:07.924Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-15T21:48:11.439Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003408"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-46938",
"datePublished": "2024-09-15T00:00:00.000Z",
"dateReserved": "2024-09-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T15:06:07.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35813 (GCVE-0-2023-35813)
Vulnerability from nvd – Published: 2023-06-17 00:00 – Updated: 2024-12-17 16:20Summary
Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002979"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T16:19:13.632398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T16:20:49.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002979"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-35813",
"datePublished": "2023-06-17T00:00:00.000Z",
"dateReserved": "2023-06-17T00:00:00.000Z",
"dateUpdated": "2024-12-17T16:20:49.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53692 (GCVE-0-2025-53692)
Vulnerability from cvelistv5 – Published: 2025-09-21 19:42 – Updated: 2025-09-22 17:27
VLAI
EPSS
VEX
Title
Sitecore Experience Platform Cross-Site Scripting Vulnerability
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.2 , ≤ 10.4
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
9.2 , ≤ 10.4
(semver)
|
Date Public
2025-09-21 19:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T17:27:03.884556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T17:27:11.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-21T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-21T19:42:46.643Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003734"
},
{
"url": "https://labs.watchtowr.com/disclosed-vulnerabilities/"
},
{
"url": "https://chudypb.github.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore Experience Platform Cross-Site Scripting Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53692",
"datePublished": "2025-09-21T19:42:46.643Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-22T17:27:11.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53690 (GCVE-0-2025-53690)
Vulnerability from cvelistv5 – Published: 2025-09-03 20:04 – Updated: 2026-02-26 17:49Title
Sitecore Products ViewState Deserialization Vulnerability
Summary
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.
Severity
9 (Critical)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
0 , ≤ 9.0
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
0 , ≤ 9.0
(semver)
|
Date Public
2025-09-03 18:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53690",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T03:55:32.553435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-09-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-53690"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:44.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-53690"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-04T00:00:00.000Z",
"value": "CVE-2025-53690 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eCustomers who followed the deployment instructions provided with XP 9.0 or earlier and Active Directory 1.4 or earlier and used the sample machine key (for example, machine key: BDDFE367CD..., validation key: 0DAC68D020...) are vulnerable.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Customers who followed the deployment instructions provided with XP 9.0 or earlier and Active Directory 1.4 or earlier and used the sample machine key (for example, machine key: BDDFE367CD..., validation key: 0DAC68D020...) are vulnerable."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mandiant Threat Defense"
}
],
"datePublic": "2025-09-03T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.\u003cp\u003eThis issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection.This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T20:04:48.223Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003865"
}
],
"source": {
"discovery": "USER"
},
"title": "Sitecore Products ViewState Deserialization Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53690",
"datePublished": "2025-09-03T20:04:48.223Z",
"dateReserved": "2025-07-08T14:21:02.028Z",
"dateUpdated": "2026-02-26T17:49:44.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53691 (GCVE-0-2025-53691)
Vulnerability from cvelistv5 – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:49
VLAI
EPSS
VEX
Title
Sitecore Experience Remote Code Execution through Insecure Deserialization
Summary
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
|
| Sitecore | Experience Platform (XP) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53691",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:49:10.233307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:49:39.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).\u003cp\u003eThis issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.\u003c/p\u003e"
}
],
"value": "Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:59.561Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore Experience Remote Code Execution through Insecure Deserialization",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53691",
"datePublished": "2025-09-03T12:36:59.561Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:49:39.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53693 (GCVE-0-2025-53693)
Vulnerability from cvelistv5 – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:53
VLAI
EPSS
VEX
Title
HTML Cache Poisoning through Unsafe Reflections
Summary
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
|
| Sitecore | Experience Platform (XP) |
Affected:
9.0 , ≤ 9.3
(semver)
Affected: 10.0 , ≤ 10.4 (semver) |
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53693",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:49:59.488662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:53:40.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.\u003c/p\u003e"
}
],
"value": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-141",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-141 Cache Poisoning"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:53.745Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HTML Cache Poisoning through Unsafe Reflections",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53693",
"datePublished": "2025-09-03T12:36:53.745Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:53:40.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53694 (GCVE-0-2025-53694)
Vulnerability from cvelistv5 – Published: 2025-09-03 12:36 – Updated: 2025-09-03 13:57
VLAI
EPSS
VEX
Title
Information Disclosure in ItemServices API
Summary
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Sitecore Experience Manager (XM) |
Affected:
9.2 , ≤ 10.4
(semver)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
9.2 , ≤ 10.4
(semver)
|
Date Public
2025-09-03 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53694",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T13:57:48.453027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T13:57:58.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitecore Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"datePublic": "2025-09-03T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).\u003cp\u003eThis issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.\u003c/p\u003e"
}
],
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:36:37.520Z",
"orgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"shortName": "Wiz"
},
"references": [
{
"url": "https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/"
},
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003734"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Information Disclosure in ItemServices API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9947ef80-c5d5-474a-bbab-97341a59000e",
"assignerShortName": "Wiz",
"cveId": "CVE-2025-53694",
"datePublished": "2025-09-03T12:36:37.520Z",
"dateReserved": "2025-07-08T14:21:02.029Z",
"dateUpdated": "2025-09-03T13:57:58.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4979 (GCVE-0-2022-4979)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:55 – Updated: 2026-03-23 15:43
VLAI
EPSS
VEX
Title
Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS
Summary
A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xp-… | third-party-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Platform |
Affected:
7.5 Initial Release , ≤ 7.5 Update-2
(custom)
Affected: 8.0 Initial Release , ≤ 8.0 Update-7 (custom) Affected: 8.1 Initial Release , ≤ 8.1 Update-3 (custom) Affected: 8.2 Initial Release , ≤ 8.2 Update-7 (custom) Affected: 9.0 Initial Release , ≤ 9.0 Update-2 (custom) Affected: 9.1 Initial Release , ≤ 9.1 Update 1 (custom) Affected: 9.2 Initial Release Affected: 9.3 Initial Release Affected: 10.0 Initial Release , ≤ 10.0 Update-3 (custom) Affected: 10.1 Initial Release , ≤ 10.1 Update-2 (custom) Affected: 10.2 Initial Release |
|
| Sitecore | Content Mangement System (CMS) |
Affected:
7.2 Initial Release , ≤ 7.2 Update-6
(custom)
|
|
| Sitecore | Managed Cloud |
Affected:
*
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:39:41.562664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:43:58.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.5 Update-2",
"status": "affected",
"version": "7.5 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.0 Update-7",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1 Update-3",
"status": "affected",
"version": "8.1 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2 Update-7",
"status": "affected",
"version": "8.2 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0 Update-2",
"status": "affected",
"version": "9.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.1 Update 1",
"status": "affected",
"version": "9.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "9.2 Initial Release"
},
{
"status": "affected",
"version": "9.3 Initial Release"
},
{
"lessThanOrEqual": "10.0 Update-3",
"status": "affected",
"version": "10.0 Initial Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1 Update-2",
"status": "affected",
"version": "10.1 Initial Release",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.2 Initial Release"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Mangement System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.2 Update-6",
"status": "affected",
"version": "7.2 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:7.5:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:8.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update7",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.0:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update1",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.2:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10:*:*:*:*:*:*:*",
"versionEndIncluding": "update3",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.1:*:*:*:*:*:*:*",
"versionEndIncluding": "update2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:10.2:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:7.2:*:*:*:*:*:*:*",
"versionEndIncluding": "update6",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow \u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eauthenticated Sitecore Shell users to be tricked into executing custom JS code\u003c/span\u003e. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.\u003c/p\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:43:29.702Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001489"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001539"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-managed-cloud-xss"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-4979",
"datePublished": "2025-07-25T15:55:36.039Z",
"dateReserved": "2025-07-24T15:19:26.600Z",
"dateUpdated": "2026-03-23T15:43:29.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2015-10142 (GCVE-0-2015-10142)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:55 – Updated: 2026-05-15 11:14
VLAI
EPSS
VEX
Title
Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path
Summary
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to 7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL. Affected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xp-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Platform (XP) |
Affected:
0 , < 8.0 Initial Release (rev. 141212)
(custom)
|
|
| Sitecore | Content Management System (CMS) |
Affected:
0 , < 7.2 Update-3 (rev. 141226)
(custom)
Affected: 0 , < 7.5 Update-1 (rev. 150130) (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2015-10142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T17:59:28.214075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T17:59:33.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "8.0 Initial Release (rev. 141212)",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Content Management System (CMS)",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "7.2 Update-3 (rev. 141226)",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.5 Update-1 (rev. 150130)",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to\u0026nbsp;7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL.\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eAffected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to\u00a07.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL.\u00a0Affected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T11:14:25.020Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB0816762"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002377"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xp-cms-file-read-via-known-path"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XP \u003c 8.0 and CMS \u003c 7.2 and \u003c 7.5 File Read via Known Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2015-10142",
"datePublished": "2025-07-25T15:55:07.308Z",
"dateReserved": "2025-07-24T13:58:09.937Z",
"dateUpdated": "2026-05-15T11:14:25.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34138 (GCVE-0-2025-34138)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:54 – Updated: 2025-12-04 16:22
VLAI
EPSS
VEX
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of CVE-2025-53692 and CVE-2025-53694.
Replaced by CVE-2025-53692
Replaced by CVE-2025-53694
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2025-12-04T16:22:54.196Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"rejectedReasons": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of\u0026nbsp;CVE-2025-53692 and\u0026nbsp;CVE-2025-53694."
}
],
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority, as it is a duplicate of\u00a0CVE-2025-53692 and\u00a0CVE-2025-53694."
}
],
"replacedBy": [
"CVE-2025-53692",
"CVE-2025-53694"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34138",
"datePublished": "2025-07-25T15:54:47.306Z",
"dateRejected": "2025-12-04T16:22:54.196Z",
"dateReserved": "2025-04-15T19:15:22.562Z",
"dateUpdated": "2025-12-04T16:22:54.196Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34139 (GCVE-0-2025-34139)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:54 – Updated: 2025-11-19 01:28
VLAI
EPSS
VEX
Title
Sitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File Read
Summary
A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files. This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-xm-… | third-party-advisory |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager (XM) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Experience Platform (XP) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Experience Commerce (XC) |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
|
| Sitecore | Managed Cloud |
Affected:
8.0 Initial Release , ≤ 10.4 Initial Release and later
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T18:20:58.705145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T18:21:11.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager (XM)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform (XP)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce (XC)",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Managed Cloud",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "10.4 Initial Release and later",
"status": "affected",
"version": "8.0 Initial Release",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:managed_cloud:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Sitecore\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Manager (XM),\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Platform (XP),\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eExperience Commerce (XC), and\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eManaged Cloud that could allow an unauthenticated attacker to read arbitrary files\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003e.\u0026nbsp;\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003e\u003cspan style=\"background-color: rgb(254, 254, 254);\"\u003eThis vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability exists in Sitecore\u00a0Experience Manager (XM),\u00a0Experience Platform (XP),\u00a0Experience Commerce (XC), and\u00a0Managed Cloud that could allow an unauthenticated attacker to read arbitrary files.\u00a0This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:28:37.079Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003650"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003661"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-xm-xp-xc-managed-cloud-arbitrary-file-read"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File Read",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34139",
"datePublished": "2025-07-25T15:54:25.297Z",
"dateReserved": "2025-04-15T19:15:22.563Z",
"dateUpdated": "2025-11-19T01:28:37.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36850 (GCVE-0-2020-36850)
Vulnerability from cvelistv5 – Published: 2025-07-25 15:54 – Updated: 2026-03-05 12:02
VLAI
EPSS
VEX
Title
Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure
Summary
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisorypatch |
| https://www.vulncheck.com/advisories/sitecore-jss… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | JSS React Sample Application |
Affected:
11.0.0 , ≤ 14.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T18:22:38.866101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T18:22:43.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JSS React Sample Application",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "14.0.1",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:sitecore.net:*:*:*:*:*:*:*:*",
"versionEndIncluding": "14.0.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sitecore"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user."
}
],
"value": "An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user."
}
],
"impacts": [
{
"capecId": "CAPEC-124",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-124 Shared Resource Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T12:02:21.538Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB0750906"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1001612"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/sitecore-jss-react-sample-application-info-disc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36850",
"datePublished": "2025-07-25T15:54:04.348Z",
"dateReserved": "2025-07-24T15:11:08.166Z",
"dateUpdated": "2026-03-05T12:02:21.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34511 (GCVE-0-2025-34511)
Vulnerability from cvelistv5 – Published: 2025-06-17 19:05 – Updated: 2026-02-26 17:50
VLAI
EPSS
VEX
Title
Sitecore PowerShell Extension RCE via Unrestricted Upload
Summary
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Powershell Extension |
Affected:
0 , ≤ 7.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34511",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:11.522059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:30.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Powershell Extension",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.0",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution."
}
],
"value": "Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T15:31:41.382Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore PowerShell Extension RCE via Unrestricted Upload",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34511",
"datePublished": "2025-06-17T19:05:10.466Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:30.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34510 (GCVE-0-2025-34510)
Vulnerability from cvelistv5 – Published: 2025-06-17 18:46 – Updated: 2026-02-26 17:50
VLAI
EPSS
VEX
Title
Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip
Summary
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
|
| Sitecore | Experience Platform |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
|
| Sitecore | Experience Commerce |
Affected:
9.0 , ≤ 9.3
(custom)
Affected: 10.0 , ≤ 10.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34510",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:12.568004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.002Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Commerce",
"vendor": "Sitecore",
"versions": [
{
"lessThanOrEqual": "9.3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.4",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"value": "Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by sending a crafted HTTP request to upload a ZIP archive containing path traversal sequences, allowing arbitrary file writes and leading to code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T01:24:03.216Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apply the vendor provided hotpatch."
}
],
"value": "Apply the vendor provided hotpatch."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34510",
"datePublished": "2025-06-17T18:46:04.239Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:31.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34509 (GCVE-0-2025-34509)
Vulnerability from cvelistv5 – Published: 2025-06-17 18:20 – Updated: 2026-02-26 17:50Title
Sitecore XM and XP Hardcoded Credentials
Summary
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://labs.watchtowr.com/is-b-for-backdoor-pre-… | third-party-advisoryexploittechnical-description |
| https://support.sitecore.com/kb?id=kb_article_vie… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sitecore | Experience Manager |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
|
| Sitecore | Experience Platform |
Affected:
10.4 , < 10.4.1 rev. 011941 PRE
(custom)
Affected: 10.3 , < 10.3.3 rev. 011967 PRE (custom) Affected: 10.1 , < 10.1.4 rev. 011974 PRE (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34509",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T03:56:10.468989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Experience Manager",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Experience Platform",
"vendor": "Sitecore",
"versions": [
{
"lessThan": "10.4.1 rev. 011941 PRE",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.3.3 rev. 011967 PRE",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.1.4 rev. 011974 PRE",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.4.1",
"versionStartIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1.4",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-27T16:47:40.562Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit",
"technical-description"
],
"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003667"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to patched versions."
}
],
"value": "Update to patched versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Sitecore XM and XP Hardcoded Credentials",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34509",
"datePublished": "2025-06-17T18:20:57.441Z",
"dateReserved": "2025-04-15T19:15:22.612Z",
"dateUpdated": "2026-02-26T17:50:31.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-46938 (GCVE-0-2024-46938)
Vulnerability from cvelistv5 – Published: 2024-09-15 00:00 – Updated: 2024-09-17 15:06Summary
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| sitecore | experience_platform |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:* |
|
| sitecore | experience_manager |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:* |
|
| sitecore | experience_commerce |
Affected:
8.0 , < 10.4
(custom)
cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_platform",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_manager",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "experience_commerce",
"vendor": "sitecore",
"versions": [
{
"lessThan": "10.4",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-46938",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T15:03:29.479669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T15:06:07.924Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-15T21:48:11.439Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1003408"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-46938",
"datePublished": "2024-09-15T00:00:00.000Z",
"dateReserved": "2024-09-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T15:06:07.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35813 (GCVE-0-2023-35813)
Vulnerability from cvelistv5 – Published: 2023-06-17 00:00 – Updated: 2024-12-17 16:20Summary
Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002979"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T16:19:13.632398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T16:20:49.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002979"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-35813",
"datePublished": "2023-06-17T00:00:00.000Z",
"dateReserved": "2023-06-17T00:00:00.000Z",
"dateUpdated": "2024-12-17T16:20:49.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}