4 matches found
CVE-2022-0348
Cross-site Scripting XSS - Stored in Packagist pimcore/pimcore prior to 10.2...
CVE-2022-0348 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in Packagist pimcore/pimcore prior to 10.2...
CVE-2022-0348 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in Packagist pimcore/pimcore prior to 10.2...
CVE-2022-0348
CVE-2022-0348 affects pimcore/pimcore (Packagist) with a stored XSS in Pimcore prior to version 10.2. The Red Hat, OSV, Veracode and CVE records concur that the vulnerability is triggered by unsafely handled input in Pimcore’s code, specifically involving the getTreeAction path and an icon field ...