13 matches found
EUVD-2024-34410
Malicious code in bioql PyPI...
CVE-2024-11954
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...
Cross-Site Scripting (XSS)
pimcore/pimcore is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of the Search Document component, allowing remote attackers to manipulate it and execute cross-site scripting attacks...
Cross-site Scripting (XSS)
Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Cross-site Scripting XSS when uploading a PDF. An admin user can upload a PDF containing malicious scripts that will be executed in another user's session...
GHSA-8M2R-X2M2-3WMW Duplicate Advisory: Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xr3m-6gq6-22cg. This link is maintained to preserve external references. Original Description A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown...
Duplicate Advisory: Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xr3m-6gq6-22cg. This link is maintained to preserve external references. Original Description A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown...
CVE-2024-11954
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...
CVE-2024-11954
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...
CVE-2024-11954 Pimcore Search Document cross site scripting
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...
CVE-2024-11954
Pimcore 11.4.2 contains a stored XSS in the Search Document component due to inadequate input sanitization. Authentication is required (as per the GHSA advisory), and malicious script can execute in the context of other users’ browsers when affected data is viewed. Exploitation exists (e.g., Expl...
CVE-2024-11954 Pimcore Search Document cross site scripting
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...
Pimcore 安全漏洞
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. Pimcore has a cross-site scripting vulnerabilit...
PT-2025-1723 · Pimcore · Pimcore
Name of the Vulnerable Software and Affected Versions: Pimcore version 11.4.2 Description: A problematic issue was found in the Search Document component, leading to basic cross site scripting. The manipulation can be launched remotely. The exploit has been disclosed to the public and may be used...