Thomas Stern

1 exploit Active since Mar 2023
CVE-2023-26262 NOMISEC HIGH WRITEUP
Sitecore Experience Manager < 10.3 - Authenticated Unrestricted File Upload
An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server.
CVSS 7.2