3 matches found
CVE-2023-1115
creationtimestamp| type| source ---|---|--- 2023-03-01 16:33:23+00:00| seen| https://t.me/cibsecurity/59221 2025-03-11 14:39:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7153...
CVE-2023-1115 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.5.18...
CVE-2023-1115
CVE-2023-1115 describes a stored XSS in pimcore/pimcore before version 10.5.18. The issue arises because input in the Link.php attributes of the Document Page Link Editable is not adequately sanitized/escaped, allowing an attacker to inject JavaScript that executes in a user’s browser when the pa...