Lucene search

CVE-2023-28429

🗓️ 20 Mar 2023 15:12:15Reported by GitHub_MType

Pimcore <10.5.19 DataObject tooltip field unsecured vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
NVD	CVE-2023-28429	20 Mar 202315:15	–	nvd
Vulnrichment	CVE-2023-28429 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field	20 Mar 202314:54	–	vulnrichment
Prion	Design/Logic Flaw	20 Mar 202315:15	–	prion
OSV	Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field	20 Mar 202317:18	–	osv
OSV	CVE-2023-28429	20 Mar 202315:15	–	osv
Cvelist	CVE-2023-28429 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field	20 Mar 202314:54	–	cvelist
Veracode	Cross-site Scripting (XSS)	22 Mar 202309:14	–	veracode
Github Security Blog	Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field	20 Mar 202317:18	–	github

Nvd

Vulners

Node

pimcore pimcoreRange<10.5.19

[
  {
    "vendor": "pimcore",
    "product": "pimcore",
    "versions": [
      {
        "version": " < 10.5.19",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/pimcore/pimcore/pull/14574
github	www.github.com/pimcore/pimcore/security/advisories/GHSA-rcg9-hrhx-6q69
github	www.github.com/pimcore/pimcore/pull/14574.patch

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Mar 2023 15:15Current

6.2Medium risk

Vulners AI Score6.2

CVSS36.1

EPSS0.00006

SSVC

CWE-79