Vulnerabilities > Sitecore > Experience Platform > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-22 | CVE-2023-27066 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle. | 6.5 |
2019-07-17 | CVE-2019-13493 | Cross-site Scripting vulnerability in Sitecore Experience Platform 9.0 In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. | 5.4 |
2017-03-19 | CVE-2016-8855 | Cross-site Scripting vulnerability in Sitecore Experience Platform 8.1 Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. | 6.1 |