CVE-2025-53693 PoC — HTML Cache Poisoning through Unsafe Reflections

Source

https://github.com/blueisbeautiful/CVE-2025-53693

Associated Vulnerability

Title:HTML Cache Poisoning through Unsafe Reflections (CVE-2025-53693)
Description:Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.

Description

HTML cache poisoning through unsafe reflections

Readme

### CVE-2025-53693: HTML Cache Poisoning

The XAML handler, located at `/-/xaml/`, exposes several controls that can be accessed without authentication. The `AjaxScriptManager` within these controls allows for the execution of methods via reflection. The `AddToCache` method can be abused to inject arbitrary HTML content into the Sitecore cache, which can then be rendered in other parts of the application.

**Cache Poisoning:** The attacker uses CVE-2025-53693 to poison the cache with a malicious payload.

## Mitigation

Sitecore has released patches for this vulnerabilitie. It is strongly recommended to upgrade to the latest version of Sitecore XP or apply the provided security patches.

## Reference

[1] Watchtowr Labs. (2025). [*Cache Me If You Can: Sitecore Experience Platform Cache Poisoning to RCE*.](https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce/)

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!