Vulnerabilities > Sitecore > CMS > High

DATE CVE VULNERABILITY TITLE RISK
2019-05-31 CVE-2019-9875 Deserialization of Untrusted Data vulnerability in Sitecore CMS
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter.
network
low complexity
sitecore CWE-502
8.8