Multiple Sitecore products allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
RCE
Code Injection
Experience Commerce
Experience Manager
Experience Platform
+1
NVD
CVSS 3.1
9.8
EPSS
86.7%