VYPR
Unrated severityNVD Advisory· Published Jul 17, 2019· Updated Aug 4, 2024

CVE-2019-13493

CVE-2019-13493

Description

In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged user can modify the uploaded file extension parameter to inject arbitrary JavaScript.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sitecore/Sitecoredescription
  • Sitecore/CMSllm-fuzzy
    Range: = 9.0 rev 171002

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.