Sitecore Experience Manager (Xm)
Approved changes feed: RSS · Atom
cpe:2.3:a:sitecore:sitecore_experience_manager_(xm):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Sitecore (a7d448aa-2b42-539c-981e-05d11ea00680) |
|---|---|
| Product | Sitecore Experience Manager (Xm) (4708e97a-b087-5706-be68-3b962eba9070) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-53694 |
vulnerable | 2026-06-03 15:03:54.587428 |
Information Disclosure in ItemServices API
HIGH (7.5)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Published: 2025-09-03T12:36:37.520Z
Updated: 2025-09-03T13:57:58.828Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-53693 |
vulnerable | 2026-06-03 15:03:54.587006 |
HTML Cache Poisoning through Unsafe Reflections
CRITICAL (9.8)
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Published: 2025-09-03T12:36:53.745Z
Updated: 2025-09-03T13:53:40.699Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-53692 |
vulnerable | 2026-06-03 15:03:54.586591 |
Sitecore Experience Platform Cross-Site Scripting Vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.
Published: 2025-09-21T19:42:46.643Z
Updated: 2025-09-22T17:27:11.080Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.