CVE-2025-53691 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This i…
High CVSS: 8.8

CVE-2025-53691

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Vendor
Sitecore
Product
Experience Commerce
CWE
CWE-502
Yayın Tarihi
2025-09-03 13:15:49
Güncelleme
2025-09-08 18:30:40
Source Identifier
9947ef80-c5d5-474a-bbab-97341a59000e
KEV Date Added
-

Kategoriler

CWE-502 Experience Commerce HIGH Sitecore 2025

Referanslar

https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/ https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003667