Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.
View the template here CVE-2023-35813.yaml
References:
https://code-white.com/blog/exploiting-asp.net-templateparser-part-1/