2 matches found
EUVD-2025-26166
Malicious code in bioql PyPI...
PT-2023-20929 · Sitecore · Sitecore Experience Platform
Name of the Vulnerable Software and Affected Versions: Sitecore Experience Platform versions prior to 10.2 Description: The issue allows remote attackers to download arbitrary files via a crafted command to the "download.aspx" endpoint. This is achieved by exploiting a Directory Traversal...