Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-42237 KEV |
|
[KEV] Unsafe Deserialization in Sitecore xp (CVE-2021-42237)
vulnerability in Sitecore xp (CVE-2021-42237). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2016-8855 |
|
Cross-Site Scripting (XSS) in sitecore (CVE-2016-8855)
cross-site scripting in sitecore (CVE-2016-8855). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2` or later.
|