3 matches found
Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Proof of Concept Step 1. Go to /admin and login. Step 2. In Documents, go to home - click on Sample Conten...
CVE-2023-46722 Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Use...
CVE-2023-46722 Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Use...