Количество 3
Количество 3
CVE-2025-34511
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.
GHSA-74ph-965p-2jc2
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.
BDU:2026-00820
Уязвимость модуля для платформы Sitecore PowerShell Extensions, связанная с неограниченной загрузкой файлов опасного типа, позволяющая нарушителю выполнить удаленный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-34511 Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution. | CVSS3: 8.8 | 79% Высокий | 8 месяцев назад |
| GHSA-74ph-965p-2jc2 Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution. | CVSS3: 8.8 | 79% Высокий | 8 месяцев назад |
 | BDU:2026-00820 Уязвимость модуля для платформы Sitecore PowerShell Extensions, связанная с неограниченной загрузкой файлов опасного типа, позволяющая нарушителю выполнить удаленный код | CVSS3: 8.8 | 79% Высокий | 8 месяцев назад |
Уязвимостей на страницу