Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Published on August 29, 2025

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are listed below - CVE-2025-53693 - HTML cache poisoning through unsafe reflections CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization CVE-2025-53694 -

Continue reading on website
Other news

WhatsApp patches vulnerability exploited in zero-day attacks

August 29, 2025
WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. [...]

Microsoft fixes bug behind Windows certificate enrollment errors

August 29, 2025
Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages after installing the July 2025 preview and subsequent Windows 11 24H2 updates. [...]