Sitecore: >> Experience Platform >> 10.2 Security Vulnerabilities
Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-05-22
An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server.
CVSS Score
7.2
EPSS Score
0.08
Published
2023-03-14
Page 2