Sitecore Experience Platform
3 CVEs affecting Sitecore Experience Platform. Latest disclosed: 2025-07-25. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-34510 | High | 8.8 | 2025-06-17 | Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip S… |
CVE-2025-34509 | High | 7.5 | 2025-06-17 | Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, an… |
CVE-2022-4979 | | 2025-07-25 | A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitec… |