Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.8 views

CVE-2023-42817

Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” from “%suggest% is parsed by sprintf even though it’s supposed to be output literally to the user. The translations may be accessible by a user with comparatively lower overall access...

5.4CVSS6.7AI score0.00326EPSS
Exploits0
Circl
Circl
added 2023/09/25 10:39 p.m.7 views

CVE-2023-42817

creationtimestamp| type| source ---|---|--- 2023-09-25 22:39:31+00:00| seen| https://t.me/cibsecurity/71009...

5.4CVSS5.5AI score0.00326EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/25 6:57 p.m.40 views

CVE-2023-42817 Cross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations

Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” from “%suggest% is parsed by sprintf even though it’s supposed to be output literally to the user. The translations may be accessible by a user with comparatively lower overall access...

5.4CVSS5.7AI score0.00326EPSS
Exploits0References2
CVE
CVE
added 2023/09/25 6:57 p.m.104 views

CVE-2023-42817

Pimcore admin-ui-classic-bundle translations are vulnerable to Cross-site Scripting due to a translation string containing “%s” being parsed by sprintf(), allowing potential injection in dialog boxes. Affected versions: prior to 1.1.2. Root cause: unsanitized translation parsing. Remediation: upg...

5.4CVSS5.3AI score0.00326EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder