Sitecore JSS React Sample Application Information Disclosure Vulnerability
Vulnerability
A high-severity information disclosure vulnerability has been identified in the Sitecore JSS React Sample Application, affecting versions 11.0.0 through 14.0.1. This vulnerability may allow page content intended for one user to be displayed to another user.
Impact
Exploitation of this vulnerability could lead to unauthorized information disclosure, allowing users to see content meant for others.
Remediation
Users can upgrade to Sitecore JSS React Sample Application versions 11.0.4, 12.0.2, 13.2.2, or 14.0.2. After updating, it is recommended to verify that global variables or singletons are not used to store page state in the server-side JavaScript code.
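The post-upgrade check described above concerns a general server-side rendering pattern. The following added example is not Sitecore JSS code and is not taken from the advisory; all function names and the sample data are hypothetical. It shows how page state held in a module-level variable can cross between overlapping requests, next to a per-request version that cannot.

```javascript
// Added illustration of the pattern to look for; not Sitecore JSS code.
// All names and sample values below are hypothetical / constructed.

// Stands in for any async step during a server-side render (e.g. a data fetch).
const tick = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// --- Pattern to remove: page state in a module-level singleton ---
// One copy exists per Node.js process, so every request shares it.
let sharedPageState = null;

async function renderWithSingleton(routeData, delayMs) {
  sharedPageState = routeData;                 // this request stores its state
  await tick(delayMs);                         // other requests run meanwhile
  return `<h1>${sharedPageState.title}</h1>`;  // may now hold another request's state
}

// --- Pattern to keep: state created per request and passed explicitly ---
async function renderPerRequest(routeData, delayMs) {
  const pageState = { ...routeData };          // scoped to this call only
  await tick(delayMs);
  return `<h1>${pageState.title}</h1>`;
}

// Sends two overlapping requests for different users through a renderer.
async function renderConcurrently(render) {
  const [alice, bob] = await Promise.all([
    render({ title: 'Account: alice' }, 20),   // slower request
    render({ title: 'Account: bob' }, 5),      // faster request, overwrites the global
  ]);
  return { alice, bob };
}

// True when either response carries content meant for the other user.
async function leaksAcrossRequests(render) {
  const { alice, bob } = await renderConcurrently(render);
  return !alice.includes('alice') || !bob.includes('bob');
}

// Stand-alone run: report the result for each pattern.
(async () => {
  console.log('singleton leaks:', await leaksAcrossRequests(renderWithSingleton));
  console.log('per-request leaks:', await leaksAcrossRequests(renderPerRequest));
})();
```

When reviewing server-side code, the equivalent of `sharedPageState` is any top-level `let`/`var`, exported mutable object, or singleton store that is written during a request and read later in the same render.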
