Lucene search
+L

Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability

🗓️ 26 Mar 2025 00:00:00Reported by CISAType 
cisa_kev
 cisa_kev
🔗 www.cisa.gov👁 26 Views

Deserialization vulnerability in Sitecore CMS and Experience Platform allows code execution via CSRF token.

Related
ReporterTitlePublishedViews
Family
attackerkb
CVE-2019-9874
31 May 201900:00
attackerkb
bdu_fstec
The vulnerability of the Sitecore.Security.AntiCSRF module of the Sitecore content management system and Sitecore XP allows attackers to execute arbitrary code.
20 Nov 202500:00
bdu_fstec
circl
CVE-2019-9874
26 Mar 202518:45
circl
cisa
CISA Adds Two Known Exploited Vulnerabilities to Catalog
26 Mar 202512:00
cisa
cve
CVE-2019-9874
31 May 201920:11
cve
cvelist
CVE-2019-9874
31 May 201920:11
cvelist
nuclei
Sitecore Experience Platform - Deserialization of Untrusted Data
13 Jul 202604:38
nuclei
nvd
CVE-2019-9874
31 May 201921:29
nvd
osv
CVE-2019-9874
31 May 201921:29
osv
prion
Deserialization of untrusted data
31 May 201921:29
prion
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

26 Mar 2025 00:00Current
8High risk
Vulners AI Score8
CVSS 27.5
CVSS 3.19.8
EPSS0.83857
SSVC
26