Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: experience-platform Clear
ID Title
CVE-2021-42237 KEV [KEV] Unsafe Deserialization in Sitecore xp (CVE-2021-42237)
vulnerability in Sitecore xp (CVE-2021-42237). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2016-8855 Cross-Site Scripting (XSS) in sitecore (CVE-2016-8855)
cross-site scripting in sitecore (CVE-2016-8855). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →