Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP). This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.

PUBLISHED Reserved 2025-07-08 | Published 2025-09-03 | Updated 2025-09-03 | Assigner Wiz




HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unaffected

9.2 (semver)
affected

Default status
unaffected

9.2 (semver)
affected

Credits

Piotr Bazydlo of watchTowr (finder)

References

labs.watchtowr.com/...ience-platform-cache-poisoning-to-rce/

support.sitecore.com/...ticle_view&sysparm_article=KB1003734

cve.org (CVE-2025-53694)

nvd.nist.gov (CVE-2025-53694)
