Medium severityNVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026
CVE-2022-4979
CVE-2022-4979
Description
A cross-site scripting (XSS) vulnerability exists in Sitecore Experience Platform (XP) 7.5 - 10.2 and CMS 7.2 - 7.2 Update-6 that may allow authenticated Sitecore Shell users to be tricked into executing custom JS code. Managed Cloud Standard customers who run the affected Sitecore Experience Platform / CMS versions are also affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=7.5, <=10.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.