Error: Method Through Reflection is Not Allowed after Applying Sitecore Hotfix

Recently, Sitecore security bulletin SC2023-003-587441 addresses Critical (582720) and High (584731) severity vulnerabilities in Sitecore software and provides the cumulative hotfix for the same.

I have applied this hotfix in my solution and deployed it, but I have encountered the following error while publishing the Sitecore Items.

method-through-reflecation-not-allowed-1

If you are looking for how to install the Sitecore Cumulative hotfix OnPrem and PaaS instances, see the blog post: Sitecore Cumulative Hotfixes Installation on OnPrem and PaaS

Solution:

This Security Hotfix might add a security layer that prevents the execution of unexpected methods through reflection. As I have customized the publishing method for Sitecore items, I am getting this issue while publishing the Sitecore items.

  1. Go to the path "\App_Config\Sitecore\CMS.Core\" and open the "Sitecore.Reflection.Filtering.config" file.
  2. Add the method name to the "Sitecore.Reflection.Filtering.config" file:

  3. Add a method pattern to the "Sitecore.Reflection.Filtering.config" file:

    Where the "value" is a regular expression matched against the method name string in the format "NameSpace.Class.Method, AssemblyName".

Happy Sitecoreing ðŸ˜Š

Comments

  1. Thanks so much for this, I applied it as a patch file :)

    ReplyDelete
  2. I am getting error while trying to ctrl s, after applying this patch

    ReplyDelete

Post a Comment

Popular posts from this blog

Sitecore Installation Error: Failed to Start Service 'Sitecore Marketing Automation Engine'

Import CSV Data in Sitecore Using PowerShell: Part-3

Sitecore Technology MVP Journey 2022