3 matches found
CVE-2022-0893 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...
CVE-2022-0893 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...
CVE-2022-0893
CVE-2022-0893 is a stored XSS in Pimcore/Pimcore prior to version 10.4.0. The root cause is non-sanitized input/output handling in the image thumbnail function, allowing injection of JavaScript that can be executed in the client browser. Public details consistently describe the vulnerability as s...