CVE-2023-28106

🗓️ 16 Mar 2023 17:09:15Reported by [email protected]Type

Pimcore open source platform XSS vulnerability patched in version 10.5.19

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2023-28106 Pimcore vulnerable to Cross-site Scripting in UrlSlug Data type	16 Mar 202316:31	–	cvelist
Vulnrichment	CVE-2023-28106 Pimcore vulnerable to Cross-site Scripting in UrlSlug Data type	16 Mar 202316:31	–	vulnrichment
CVE	CVE-2023-28106	16 Mar 202317:15	–	cve
OSV	Cross-site Scripting (XSS) in UrlSlug Data type	17 Mar 202314:43	–	osv
OSV	CVE-2023-28106	16 Mar 202317:15	–	osv
Prion	Cross site scripting	16 Mar 202317:15	–	prion
Github Security Blog	Cross-site Scripting (XSS) in UrlSlug Data type	17 Mar 202314:43	–	github

Nvd

Node

pimcore pimcoreRange<10.5.19

Source	Link
github	www.github.com/pimcore/pimcore/commit/c59d0bf1d03a5037b586fe06230694fa3818dbf2
huntr	www.huntr.dev/bounties/fa77d780-9b23-404b-8c44-12108881d11a
github	www.github.com/pimcore/pimcore/pull/14669.patch
github	www.github.com/pimcore/pimcore/security/advisories/GHSA-x5j3-mq9g-8jc8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Mar 2023 17:15Current

6Medium risk

Vulners AI Score6

CVSS34.8

EPSS0.00044

CWE-79