Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/28 8:47 p.m.12 views

Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save

My name is Oscar Uribe, Security Researcher at Fluid Attacks. I am reaching out because we have identified a security vulnerability in Pimcore 12.3.3 that we would like to report to you so we can coordinate a responsible disclosure together. As part of our standard disclosure measures, we follow ...

7CVSS6.3AI score0.00346EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/28 8:47 p.m.12 views

GHSA-R2F4-FF2P-XC64 Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save

My name is Oscar Uribe, Security Researcher at Fluid Attacks. I am reaching out because we have identified a security vulnerability in Pimcore 12.3.3 that we would like to report to you so we can coordinate a responsible disclosure together. As part of our standard disclosure measures, we follow ...

7CVSS6.3AI score0.00346EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2023/04/04 3:21 p.m.30 views

pimcore is vulnerable to cross-site scripting in Composite indices key field

Impact Pimcore is vulnerable to Cross site scripting vulnerability in classes module. Patches Update to version 10.5.20. Workarounds Apply the patch https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef.patch manually...

5.4CVSS5.3AI score0.00457EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/04/04 3:21 p.m.22 views

GHSA-4F25-2X2C-VG6V pimcore is vulnerable to cross-site scripting in Composite indices key field

Impact Pimcore is vulnerable to Cross site scripting vulnerability in classes module. Patches Update to version 10.5.20. Workarounds Apply the patch https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef.patch manually...

5.4CVSS5AI score0.00457EPSS
Exploits1References5
Rows per page
Query Builder