CVE-2025-27218
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
20/02/2025
Last modified:
20/02/2025
Description
Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM