CVE-2025-53693

CRITICAL

Sitecore XM/XP <10.5 - Cache Poisoning

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2025-53693. PoCs published by blueisbeautiful, fuckyourheroes, brokendreamsclub.

AI-analyzed exploit summary: The repository contains a functional Python exploit for CVE-2025-53693, targeting Sitecore XP's XAML handler to poison the cache via the AjaxScriptManager's AddToCache method. The exploit includes methods to check XAML control accessibility, generate malicious payloads, and verify cache poisoning.

Description

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Experience Manager (XM) and Sitecore Experience Platform (XP) allows cache poisoning. This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3 and from 10.0 through 10.4; Sitecore Experience Platform (XP): from 9.0 through 9.3 and from 10.0 through 10.4.
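The bug class named above (CWE-470) is easier to reason about with a minimal model. The following is an added example, not Sitecore's code and not any of the tracked PoCs: a request-supplied string picks which public method of a server-side object is invoked by reflection, so a method that writes into the HTML cache becomes reachable from the network and a later visitor is served attacker-controlled markup. The names `HtmlCache`, `ScriptManager`, `AddToCache`, `dispatch_unsafe` and `dispatch_hardened` are illustrative stand-ins, and the allowlist fix is one reasonable mitigation for this pattern, not a description of Sitecore's actual patch.

```python
"""Model of CWE-470 (unsafe reflection) leading to cache poisoning.

Added example; all class and method names are hypothetical stand-ins
chosen to mirror the shape of the issue the advisory describes.
"""
from typing import Any, Dict, Optional, Tuple


class HtmlCache:
    """Stand-in for a server-side HTML cache keyed by page or control name."""

    def __init__(self) -> None:
        self._store: Dict[str, str] = {}

    def AddToCache(self, key: str, html: str) -> None:
        self._store[key] = html

    def Get(self, key: str) -> Optional[str]:
        return self._store.get(key)


class ScriptManager:
    """Object whose public methods a request handler invokes on the client's behalf."""

    def __init__(self, cache: HtmlCache) -> None:
        self.cache = cache

    # Intended to be reachable from client-side scripting.
    def Alert(self, text: str) -> str:
        return f"alert:{text}"

    # Never meant to be client-reachable, but it is a public method all the same.
    def AddToCache(self, key: str, html: str) -> str:
        self.cache.AddToCache(key, html)
        return "cached"


def dispatch_unsafe(manager: ScriptManager, request: Dict[str, Any]) -> str:
    """Vulnerable: any public method named in the request is resolved by reflection."""
    # CWE-470: externally-controlled input selects the code that runs.
    method = getattr(manager, request["method"])
    return method(*request["args"])


# Explicit allowlist of methods that clients are allowed to trigger.
ALLOWED_METHODS = frozenset({"Alert"})


def dispatch_hardened(manager: ScriptManager, request: Dict[str, Any]) -> str:
    """Fixed: the request may only choose from an allowlist of client-facing methods."""
    name = request["method"]
    if name not in ALLOWED_METHODS:
        raise PermissionError(f"method not exposed to clients: {name!r}")
    return getattr(manager, name)(*request["args"])


def poisoning_demo() -> Tuple[Optional[str], Optional[str]]:
    """Send the same attacker request through both dispatchers.

    Returns what a later visitor would be served from the cache for "/home"
    in the vulnerable and in the hardened case.
    """
    # Constructed attacker request: reach the cache writer and plant script.
    attack = {"method": "AddToCache", "args": ["/home", "<script>alert(1)</script>"]}

    vulnerable = ScriptManager(HtmlCache())
    dispatch_unsafe(vulnerable, attack)
    served_vulnerable = vulnerable.cache.Get("/home")

    hardened = ScriptManager(HtmlCache())
    try:
        dispatch_hardened(hardened, attack)
    except PermissionError:
        pass  # request rejected before any reflection happens
    served_hardened = hardened.cache.Get("/home")

    return served_vulnerable, served_hardened


if __name__ == "__main__":
    print(poisoning_demo())
```

The point of the hardened dispatcher is that the decision is made on the method name before reflection is used at all; checking the arguments, or trying to block only "dangerous" names, leaves every other public method reachable and is the pattern that turns a generic reflection handler into a cache-write primitive.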

Exploits (3)

nomisec · WORKING POC · 1 star
by blueisbeautiful · poc
https://github.com/blueisbeautiful/CVE-2025-53693

The repository contains a functional Python exploit for CVE-2025-53693, targeting Sitecore XP's XAML handler to poison the cache via the AjaxScriptManager's AddToCache method. The exploit includes methods to check XAML control accessibility, generate malicious payloads, and verify cache poisoning.

Classification: working PoC (95%) · Attack type: XSS · Complexity: moderate · Reliability: reliable
Target: Sitecore Experience Platform (XP)
No auth needed
Prerequisites: Access to the XAML handler endpoint · Network connectivity to the target Sitecore instance
devstral-2 · analyzed May 12, 2026
nomisec · WORKING POC · 1 star
by fuckyourheroes · poc
https://github.com/fuckyourheroes/CVE-2025-53693

This repository contains a functional Python exploit for CVE-2025-53693, which targets a cache poisoning vulnerability in Sitecore's XAML handler. The exploit leverages the `AjaxScriptManager` to inject arbitrary HTML into the Sitecore cache via the `AddToCache` method.

Classification: working PoC (95%) · Attack type: XSS · Complexity: moderate · Reliability: reliable
Target: Sitecore Experience Platform
No auth needed
Prerequisites: Access to the XAML handler endpoint · Unpatched Sitecore instance
devstral-2 · analyzed May 03, 2026
nomisec · WORKING POC · 1 star
by brokendreamsclub · poc
https://github.com/brokendreamsclub/CVE-2025-53693

The repository contains a functional Python exploit for CVE-2025-53693, targeting Sitecore XP's XAML handler to poison the cache via the AjaxScriptManager's AddToCache method. The exploit includes methods to check XAML control accessibility, generate malicious payloads, and verify cache poisoning.

Classification: working PoC (95%) · Attack type: XSS · Complexity: moderate · Reliability: reliable
Target: Sitecore Experience Platform (XP)
No auth needed
Prerequisites: Access to the XAML handler endpoint · Network connectivity to the target Sitecore instance
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 9.8
EPSS 0.1378
EPSS Percentile 96.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: poc · Automatable: yes · Technical impact: total

Details

CWE
CWE-470
Status published
Products (5)
sitecore/experience_commerce 9.0 - 10.4
sitecore/experience_manager 9.0 - 10.4
sitecore/experience_platform 10.4
sitecore/experience_platform 9.0 - 10.4
sitecore/managed_cloud
Published Sep 03, 2025
Tracked Since Feb 18, 2026