Changelog

WAF Release - 2025-09-04 - Emergency

WAF

This week's update

This week, new critical vulnerabilities were disclosed in Sitecore Experience Manager (XM) and Sitecore Experience Platform (XP), specifically versions 9.0 through 9.3 and 10.0 through 10.4. These flaws are caused by unsafe data deserialization and code reflection, leaving affected systems at high risk of exploitation.

Key Findings

  • CVE-2025-53690: Remote Code Execution through Insecure Deserialization
  • CVE-2025-53691: Remote Code Execution through Insecure Deserialization
  • CVE-2025-53693: HTML Cache Poisoning through Unsafe Reflections

Impact

Exploitation could allow attackers to execute arbitrary code remotely on the affected system and conduct cache poisoning attacks, potentially leading to further compromise. Applying the latest vendor-released solution without delay is strongly recommended.

| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | | 100878 | Sitecore - Remote Code Execution - CVE:CVE-2025-53691 | N/A | Block | This is a new detection |
| Cloudflare Managed Ruleset | | 100631 | Sitecore - Cache Poisoning - CVE:CVE-2025-53693 | N/A | Block | This is a new detection |
| Cloudflare Managed Ruleset | | 100879 | Sitecore - Remote Code Execution - CVE:CVE-2025-53690 | N/A | Block | This is a new detection |