CVE-2023-30850
CVE-2023-30850 affects Pimcore prior to 10.5.21, where the admin translations API is vulnerable to SQL injection. The issue arises in the API endpoint that accepts a JSON-encoded filter parameter (not sanitized properly), enabling an attacker with admin access to inject SQL. A patch is available ...