CVE-2023-1116 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-1116
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. • https://github.com/pimcore/pimcore/commit/f6d322efa207a737eedd8726b7c92e957a83341e https://huntr.dev/bounties/3245ff99-9adf-4db9-af94-f995747e09d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-1117 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-1117
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. • https://github.com/pimcore/pimcore/commit/b9ba69f66d6a9986fb36f239661b98cd33a89853 https://huntr.dev/bounties/e8c0044d-a31b-4347-b2d5-59fbf492da39 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-1067 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-1067
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. • https://github.com/pimcore/pimcore/commit/4b5733266d7d6aeb4f221a15e005db83fc198edf https://huntr.dev/bounties/31d17b34-f80d-49f2-86e7-97ae715cc045 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-0827 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-0827
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17. • https://github.com/pimcore/pimcore/commit/f4050586136cb4c44e3d6042111a1b87b340df95 https://huntr.dev/bounties/75bc7d07-46a7-4ed9-a405-af4fc47fb422 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-25240
https://notcve.org/view.php?id=CVE-2023-25240
An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/pimcore/pimCore-10.5.15 https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions •