Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path

Advisories

severity: medium
date: July 25, 2025
Affecting: XP prior to 8.0 Initial Release (rev. 141212)
CMS prior to 7.2 Update-3 (rev. 141226)
CMS prior to 7.5 Update-1 (rev. 150130)
CVE: CVE-2015-10142
CVE type: Externally Controlled Reference
CVSS: 6.9
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
References: Vendor Advisory (EN)
Vendor Advisory (JP)
Credit: Sitecore