Sitecore Net
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Sitecore Net.
By the Year
In 2026 there have been 0 vulnerabilities in Sitecore Net. Last year, in 2025 Sitecore Net had 1 security vulnerability published. Right now, Sitecore Net is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 0.00 |
It may take a day or so for new Sitecore Net vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sitecore Net Security Vulnerabilities
Info Disclosure in Sitecore JSS React Sample App 11.0.0-14.0.1
CVE-2020-36850
- July 25, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user.
Information Disclosure
An issue was discovered in Sitecore Sitecore.NET 8.1 rev
CVE-2018-7669
- April 27, 2018
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Sitecore Net or by Sitecore? Click the Watch button to subscribe.
