GCVE - cpe:2.3:a:sitecore:cms:8.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sitecore:cms:8.2:*:*:*:*:*:*:*

part: a version: 8.2 update: *

Vendor	Sitecore (`a7d448aa-2b42-539c-981e-05d11ea00680`)
Product	Cms (`029dfde3-97a8-56e9-a7c3-0a68bd2334ee`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-11440`	vulnerable	2026-06-03 14:36:28.542002	Details available In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi parameter and the admin/LinqScratchPad.aspx Reference parameter. Published: 2017-07-19T07:00:00.000Z Updated: 2024-08-05T18:12:39.722Z Open on db.gcve.eu Reference links https://xc0re.net/2017/07/03/sitecore-cms-v-8-2-multiple-vulnerabilties/ https://packetstormsecurity.com/files/143357/Sitecore-CMS-8.2-Cross-Site-Scripting-File-Disclosure.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-11439`	vulnerable	2026-06-03 14:36:28.541376	Details available In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter. Published: 2017-07-19T07:00:00.000Z Updated: 2024-08-05T18:12:40.212Z Open on db.gcve.eu Reference links https://xc0re.net/2017/07/03/sitecore-cms-v-8-2-multiple-vulnerabilties/ https://packetstormsecurity.com/files/143357/Sitecore-CMS-8.2-Cross-Site-Scripting-File-Disclosure.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.