Versions affected
Vulnerability SC2019-002-312864 affects all versions of Sitecore CMS/XP starting from CMS 6.6 Update-3 and up to (and including) XP 8.2 Update-7.
Vulnerability is applicable to all Sitecore instances running affected versions.
This includes CMS-only and xDB-enabled modes, single-instance and multi-instance environments, Managed Cloud environments, and all Sitecore server roles (content delivery, content editing, reporting, processing, publishing, etc.).
A hotfix is available for all supported Sitecore CMS/XP versions.
Versions not affected
Sitecore XP versions 9.0 and later are not affected by this vulnerability.
Sitecore xDB Cloud environments are not affected.