CVE-2023-2332
CVE-2023-2332 is a stored XSS in pimcore/pimcore 10.5.19, located in the Conditions tab of Pricing Rules (Date Range From/To fields). The underlying issue allows injection of arbitrary JavaScript, potentially compromising user cookies or redirecting users. The vulnerability is mitigated by upgrad...