2 matches found
CVE-2025-30166
creationtimestamp| type| source ---|---|--- 2025-04-08 11:46:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10897 2025-04-08 13:22:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmckyu44si2z 2025-04-08 15:40:25+00:00| seen|...
CVE-2025-30166
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...