← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-42237 — Actively Exploited: XP (Sitecore)

Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.

CVE IDCVE-2021-42237
VendorSitecore
ProductXP
Vulnerability nameSitecore XP Remote Command Execution Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionSitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →