Vulnerability CVE-2023-1247
Published: 2023-03-07

Description:
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 11.0.0.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/pimcore/pimcore/commit/da2af2d413b144b9a742118124457d13232d31fd
https://huntr.dev/bounties/04447124-c7d4-477f-8364-91fe5b59cda0
Copyright 2023, cxsecurity.com

 

Back to Top