CVE-2023-0827

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17.

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

References

Link	Resource
https://github.com/pimcore/pimcore/commit/f4050586136cb4c44e3d6042111a1b87b340df95	Patch Vendor Advisory
https://huntr.dev/bounties/75bc7d07-46a7-4ed9-a405-af4fc47fb422	Exploit Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-02-14 13:15

Updated : 2024-02-28 19:51

NVD link : CVE-2023-0827

Mitre link : CVE-2023-0827

CVE.ORG link : CVE-2023-0827

JSON object : View

Products Affected

pimcore

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')