2 matches found
CVE-2022-0705 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...
CVE-2022-0705
PVE: CVE-2022-0705 is a stored XSS in Pimcore (pimcore/pimcore) prior to version 10.4.0. The vulnerability arises from how user-supplied data (e.g., Abbreviation/Longname/Converter Service values) is processed and output, enabling JavaScript execution in a client context. Several connected source...