Vulnerabilities > CVE-2023-33652 - Unsafe Reflection vulnerability in Sitecore Experience Platform 9.3

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
sitecore
CWE-470

Summary

Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /sitecore/shell/Invoke.aspx.

Vulnerable Configurations

Part Description Count
Application
Sitecore
1