Page 18 of 108 results (0.007 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') pimcore es vulnerable a una Neutralización Inapropiada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/pimcore/pimcore/commit/d5c3e876d910784000335061c3bd24d301351245 https://huntr.dev/bounties/6ec59e43-095f-4ba3-8b75-e92250da8e3a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') pimcore es vulnerable a una Neutralización Inadecuada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/pimcore/pimcore/commit/3c2a14e676a57e5d77a16255965988eef48f9065 https://huntr.dev/bounties/dcb37f19-ba53-4498-b953-d21999279266 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') pimcore es vulnerable a una Neutralización Inadecuada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/pimcore/pimcore/commit/34ed0e050ff679b4b38414aef48ea1ff956f907a https://huntr.dev/bounties/da173e66-76ba-4f98-b8fb-429aabf222d3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

pimcore is vulnerable to Cross-Site Request Forgery (CSRF) pimcore es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/pimcore/pimcore/commit/3088cec7dc3cbc5a8b26f1269e398e799ee7ee28 https://huntr.dev/bounties/81838575-e170-41fb-b451-92c1c8aab092 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually. Pimcore es una plataforma de administración de datos y experiencias de código abierto. • https://github.com/pimcore/pimcore/pull/10223.patch https://github.com/pimcore/pimcore/pull/10223/commits/d0a4de39cf05dce6af71f8ca039132bdfcbb0dce https://github.com/pimcore/pimcore/security/advisories/GHSA-579x-cjvr-cqj9 https://huntr.dev/bounties/12462a99-ebf8-4e39-80b3-54a16caa3f4c • CWE-203: Observable Discrepancy CWE-204: Observable Response Discrepancy •