Pimcore: Security Vulnerabilities
Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-27
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
7.2
EPSS Score
0.098
Published
2023-04-27
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-04-27
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-04-27
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
5.2
EPSS Score
0.0
Published
2023-04-27
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-04-27
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS Score
5.2
EPSS Score
0.0
Published
2023-04-27
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Version 1.5.1 has a patch. As a workaround, one may apply the patch manually.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-04-03
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-03-29
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-03-29