High severityNVD Advisory· Published Jul 25, 2025· Updated Apr 15, 2026
CVE-2025-34139
CVE-2025-34139
Description
A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files. This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=8.0 Initial Release, <=10.4 Initial Release
- Range: >=8.0 Initial Release, <=10.4 Initial Release
- Range: >=8.0 Initial Release, <=10.4 Initial Release
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.