Filtered by vendor Pimcore
Subscriptions
Total
140 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1703 | 1 Pimcore | 1 Pimcore | 2025-02-12 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||
| CVE-2023-1704 | 1 Pimcore | 1 Pimcore | 2025-02-12 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||
| CVE-2023-1701 | 1 Pimcore | 1 Pimcore | 2025-02-12 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||
| CVE-2023-1702 | 1 Pimcore | 1 Pimcore | 2025-02-12 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||
| CVE-2023-28850 | 1 Pimcore | 1 Perspective Editor | 2025-02-11 | 6.1 Medium |
| Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Version 1.5.1 has a patch. As a workaround, one may apply the patch manually. | ||||
| CVE-2023-2338 | 1 Pimcore | 1 Pimcore | 2025-02-03 | 8.8 High |
| SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2328 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2336 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 6.5 Medium |
| Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2322 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2323 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2327 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2340 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2341 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 6.1 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2342 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-30849 | 1 Pimcore | 1 Pimcore | 2025-01-31 | 8.8 High |
| Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. | ||||
| CVE-2023-2339 | 1 Pimcore | 1 Pimcore | 2025-01-30 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-30850 | 1 Pimcore | 1 Pimcore | 2025-01-30 | 8.8 High |
| Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability exists in the admin translations API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. | ||||
| CVE-2023-2361 | 1 Pimcore | 1 Pimcore | 2025-01-30 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-2343 | 1 Pimcore | 1 Pimcore | 2025-01-30 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. | ||||
| CVE-2023-30848 | 1 Pimcore | 1 Pimcore | 2025-01-30 | 8.8 High |
| Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually. | ||||