Bleeping Computer

Sitecore CMS exploit chain starts with hardcoded 'b' password

A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. Sitecore is a popular ...
Infosecurity-magazine.com

Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution

Vulnerability research firm WatchTowr has detected seven vulnerabilities in Sitecore, a popular content management system (CMS) provider used by HSBC, United Airlines, P&G and L’Oréal. In its first ...
Hosted on MSN

Top CMS Sitecore patches critical zero-day flaw being hit by hackers

Sitecore patched a critical zero-day deserialization flaw affecting legacy deployments Threat actors exploited the vulnerability to deploy malware like WeepSteel Mandiant intervened mid-attack, ...