CVE-2023-33653
📊 8.8 HIGH⚡ 2.1%🎯 0 exploits
📅 Published Jun 6, 2023
📋 Status: Modified
Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /Applications/Content%20Manager/Execute.aspx?cmd=convert&mode=HTML.
CVSS v3.1 • NVD
🎯 Affected Products & Systems
1 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | sitecore | experience platform | 9.3 | Vulnerable | cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 9.3
CPE:
cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
8.8 (HIGH)v3.1
Source: [email protected]
EPSS Details
2.1% (Minimal)83.3th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Jun 6, 2023 (2 years ago)
Last Modified
Jan 8, 2025 (9 months ago)
Security Weaknesses1
References1
NVD