CVE-2025-53692 – Sitecore Sitecore Experience Manager/Xperience Platform XSS

CVE ID : CVE-2025-53692

Published : Sept. 21, 2025, 9:10 p.m. | 2 hours, 2 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…