Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-VC5R-XFC4-4X22
HistoryMar 25, 2022 - 12:00 a.m.

Cross-site Scripting in Pimcore Datahub

2022-03-2500:00:33
Google
osv.dev
26
pimcore
datahub
cross-site scripting
stored
vulnerability
cookie theft

EPSS

0.001

Percentile

21.4%

JSON

Pimcore Datahub prior to 1.2.4 is vulnerable to stored cross-site scripting. An admin user accessing Datahub triggers the attack, which may result in the user’s cookie being stolen.

Related

osv 2
huntr 1
cvelist 1
veracode 1
cve 1
prion 1
github 1
nvd 1
osv
osv
BIT-pimcore-2022-0955
2024-03-06 11:01:29
CVE-2022-0955
2022-03-24 15:15:07
huntr
huntr
Cross-site Scripting (XSS) - Stored
2022-03-08 16:20:52
cvelist
cvelist
CVE-2022-0955 Cross-site Scripting (XSS) - Stored in pimcore/data-hub
2022-03-24 14:45:15
veracode
veracode
Cross-Site Scripting (XSS)
2022-03-25 07:29:41
cve
cve
CVE-2022-0955
2022-03-24 15:15:07
prion
prion
Cross site scripting
2022-03-24 15:15:00
github
github
Cross-site Scripting in Pimcore Datahub
2022-03-25 00:00:33
nvd
nvd
CVE-2022-0955
2022-03-24 15:15:07

EPSS

0.001

Percentile

21.4%

JSON
Related for OSV:GHSA-VC5R-XFC4-4X22
osv2huntr1cvelist1veracode1cve1prion1github1nvd1