CVE-2023-2614 – Cross-site Scripting (XSS) - DOM in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-2614
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. • https://github.com/pimcore/pimcore/commit/c36ef54ce33f7b5e74b7b0ab9eabfed47c018fc7 https://huntr.dev/bounties/1a5e6c65-2c5e-4617-9411-5b47a7e743a6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-2615 – Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-2615
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. • https://github.com/pimcore/pimcore/commit/7a799399e6843cd049e85da27ceb75b78505317f https://huntr.dev/bounties/af9c360a-87f8-4e97-a24b-6db675ee942a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-2616 – Cross-site Scripting (XSS) - Generic in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-2616
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. • https://github.com/pimcore/pimcore/commit/07a2c95be524c7e20105cef58c5767d4ebb06091 https://huntr.dev/bounties/564cb512-2bcc-4458-8c20-88110ab45801 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-2630 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2023-2630
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. • https://github.com/pimcore/pimcore/commit/7e32cc28145274ddfc30fb791012d26c1278bd38 https://huntr.dev/bounties/e1001870-b8d8-4921-8b9c-bbdfb1a1491e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-2629 – Improper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework
https://notcve.org/view.php?id=CVE-2023-2629
Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9. • https://github.com/pimcore/customer-data-framework/commit/4e0105c3a78d20686a0c010faef27d2297b98803 https://huntr.dev/bounties/821ff465-4754-42d1-9376-813c17f16a01 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •