Headline
CVE-2023-2327: [Security] Fixed XSS in class editor using date fields (#14930) · pimcore/pimcore@fb3056a
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
Expand Up @@ -176,20 +176,18 @@ pimcore.object.classes.data.datetime = Class.create(pimcore.object.classes.data. },
setDefaultValue:function (defaultValue, datefield, timefield) {
if (datefield.getValue()) { if(datefield.getValue() && typeof datefield.getValue() === ‘object’) { var dateString = Ext.Date.format(datefield.getValue(), “Y-m-d”);
if (timefield.getValue()) { dateString += " " + Ext.Date.format(timefield.getValue(), “H:i”); } else { } else { dateString += " 00:00"; }
defaultValue.setValue((Ext.Date.parseDate(dateString, “Y-m-d H:i”).getTime())/1000);
defaultValue.setValue((Ext.Date.parseDate(dateString, “Y-m-d H:i”).getTime()) / 1000); } else { datefield.setValue(null); defaultValue.setValue(null); } }, Expand Down
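Review bot: In `setDefaultValue`, the new guard `typeof datefield.getValue() === 'object'` passes for any non-null object, not only a Date, and `timefield.getValue()` still gets nothing more than a truthiness check before it is handed to `Ext.Date.format`. Using `Ext.isDate(...)` on both fields would send every non-Date value to the else branch that sets `datefield` and `defaultValue` to null. The return value of `Ext.Date.parseDate(dateString, "Y-m-d H:i")` is also dereferenced with `.getTime()` unchecked, so a failed parse would throw here; test the result before calling `.getTime()`. Reading `datefield.getValue()` once into a local variable would avoid evaluating it twice in the condition and again in the format call.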
Related news
### Impact

An attacker can exploit this vulnerability to steal a user's cookie and use it to gain unauthorized access to that user's account, or to redirect users to other malicious sites.

### Patches

Update to version 10.5.21 or apply this patch manually: https://github.com/pimcore/pimcore/commit/fb3056a21d439135480ee299bf1ab646867b5f4f.patch

### Workarounds

Apply the patch https://github.com/pimcore/pimcore/commit/fb3056a21d439135480ee299bf1ab646867b5f4f.patch manually.

### References

https://huntr.dev/bounties/7336b71f-a36f-4ce7-a26d-c8335ac713d6/