Security Advisory

CVE-2019-11080

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-06 13:33:43

Last updated 2024-08-04 22:40:16

Assigner mitre

State PUBLISHED

Description

Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object.

← Browse all CVEs View on cve.org ↗