Sitecore versions 8.x suffer from a deserialization vulnerability that allows for remote code execution. Packet Storm