Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-3r5c-h7g6-cqw7: pimcore is vulnerable to cross-site scripting in classes module

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.

ghsa
Open in Source
#xss#git

pimcore is vulnerable to cross-site scripting in classes module

Moderate severity GitHub Reviewed Published Mar 29, 2023 to the GitHub Advisory Database • Updated Mar 30, 2023

Related news

GHSA-4f25-2x2c-vg6v: pimcore is vulnerable to cross-site scripting in Composite indices key field

### Impact Pimcore is vulnerable to Cross site scripting vulnerability in classes module. ### Patches Update to version 10.5.20. ### Workarounds Apply the patch https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef.patch manually.

CVE-2023-1703: [Task] Optimized composite index key (#14636) · pimcore/pimcore@765832f

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.

ghsa: Latest News

GHSA-7m27-7ghc-44w9: Next.js Allows a Denial of Service (DoS) with Server Actions
ghsa