CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3822 – Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-3822
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4. • https://github.com/pimcore/pimcore/commit/d75888a9b14baaad591548463cca09dfd1395236 https://huntr.dev/bounties/2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3821 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-3821
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4. • https://github.com/pimcore/pimcore/commit/92811f07d39e4ad95c92003868f5f7309489d79c https://huntr.dev/bounties/599ba4f6-c900-4161-9127-f1e6a6e29aaa • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3820 – SQL Injection in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-3820
SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4. • https://github.com/pimcore/pimcore/commit/e641968979d4a2377bbea5e2a76bdede040d0b97 https://huntr.dev/bounties/b00a38b6-d040-494d-bf46-38f46ac1a1db • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3819 – Exposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-3819
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4. • https://github.com/pimcore/pimcore/commit/0237527b3244d251fa5ecd4912dfe4f8b2125c54 https://huntr.dev/bounties/be5e4d4c-1b0b-4c01-a1fc-00533135817c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3673 – SQL Injection in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-3673
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.24. • https://github.com/pimcore/pimcore/commit/a06ce0abdba19ae0eefc38b035e677f8f0c2bce9 https://huntr.dev/bounties/46ca0934-5260-477b-9e86-7b16bb18d0a9 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •