CNNVD-202509-342 Information

CNNVD ID

CNNVD-202509-342

Related CVE

CVE-2025-53694

• CNNVD Published: 2025-09-03

Description (Chinese)

Sitecore Experience Manager（XM）是丹麦Sitecore公司的一个管理软件。 Sitecore Experience Manager 9.2至10.4版本和Sitecore Experience Platform 9.2至10.4版本存在安全漏洞，该漏洞源于向未授权参与者暴露敏感信息。

Description (English)

Setcore Exchange Manager (XM) is a management software for the Danish company Sitecore. There is a security loophole between version 9.2 to 10.4 and version 9.2 to 10.4 of Sitecoré Exchange System, which stems from the exposure of sensitive information to unauthorized participants.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Sitecore

Published

2025-09-03

Last Modified

2026-02-24

References

https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/ https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003734

Patch

https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003734