CVE-2015-10142P3MEDIUMCVSS 6.9fixed in 7.2 Update-3 (rev. 141226)·fixed in 7.5 Update-1 (rev. 150130)2025-07-25
CVE-2015-10142 [MEDIUM] CWE-610 CVE-2015-10142: Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to 7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-craf
nvd