Lucene search

CVE-2023-1067

🗓️ 27 Feb 2023 14:10:15Reported by @huntrdevType

CVE-2023-1067 Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2023-1067	27 Feb 202314:15	–	osv
OSV	GHSA-F2JH-MF2C-8278 Pimcore vulnerable to Cross-site Scripting	27 Feb 202315:30	–	osv
Prion	Cross site scripting	27 Feb 202314:15	–	prion
Cvelist	CVE-2023-1067 Cross-site Scripting (XSS) - Stored in pimcore/pimcore	27 Feb 202300:00	–	cvelist
Veracode	Cross-Site Scripting (XSS)	2 Mar 202302:44	–	veracode
Huntr	XSS Stored in the email address	14 Feb 202319:53	–	huntr
Vulnrichment	CVE-2023-1067 Cross-site Scripting (XSS) - Stored in pimcore/pimcore	27 Feb 202300:00	–	vulnrichment
NVD	CVE-2023-1067	27 Feb 202314:15	–	nvd
Github Security Blog	Pimcore vulnerable to Cross-site Scripting	27 Feb 202315:30	–	github

Nvd

Node

pimcore pimcoreRange<10.5.18

[
  {
    "vendor": "pimcore",
    "product": "pimcore/pimcore",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "10.5.18",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.dev/bounties/31d17b34-f80d-49f2-86e7-97ae715cc045
github	www.github.com/pimcore/pimcore/commit/4b5733266d7d6aeb4f221a15e005db83fc198edf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Feb 2023 14:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS35.2 - 5.4

EPSS0.00002

SSVC

CWE-79