HOW I FOUND CVE-2023–35813?

(its worth around 15k dollars)

Hi everyone i am back with another writeup.

“Sitecore Remote Code Execution CVE-2023–35813”

what is sitecore?

Sitecore is a leading digital experience platform (DXP) that combines enterprise content management, personalization, marketing automation, and analytics. It enables organizations to deliver seamless, customized, and effective digital experiences across various channels, including websites, mobile apps, social media, and more.

Key Features and Capabilities

1. Content Management System (CMS): Sitecore’s CMS allows users to create, edit, and manage digital content, such as web pages, blog posts, and multimedia assets, without requiring extensive technical expertise.
2. Personalization: Sitecore’s customer data platform (CDP) captures analytics and activity data about users, enabling organizations to create personalized experiences and tailor content to individual preferences.
3. Marketing Automation: Sitecore’s marketing automation capabilities enable organizations to automate and streamline marketing processes, such as lead nurturing, email campaigns, and customer segmentation.
4. Analytics: Sitecore provides robust analytics and reporting tools, enabling organizations to track and measure the effectiveness of their digital experiences and make data-driven decisions.
5. Composable…