Sitecore XP is a .NET content management system.
Sitecore XP uses usafe deserialization in Report.ashx. Arbitrary object deserialization is inherently unsafe, and should never be performed on untrusted data. An attacker can leverage this vulnerability to execute arbitrary code on the system.
Upgrade to the latest version of Sitecore XP