3 matches found
CVE-2022-39365
Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in Pimcore/Mail & ClassDefinition\Layout\Text is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contain...
CVE-2022-39365
creationtimestamp| type| source ---|---|--- 2022-10-27 18:28:31+00:00| seen| https://t.me/cibsecurity/52160...
CVE-2022-39365
CVE-2022-39365 concerns Pimcore before version 10.5.9, where user-controlled twig templates rendered in Pimcore/Mail and ClassDefinition\Layout\Text enable server-side template injection, potentially allowing remote code execution. The issue is fixed in Pimcore 10.5.9; a patch exists (or can be a...