Vulnerabilities > Sitecore > CMS > 9.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-31	CVE-2019-9875	Deserialization of Untrusted Data vulnerability in Sitecore CMS Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter. network low complexity sitecore CWE-502	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.