GHSA-RCG9-HRHX-6Q69 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field

Impact Unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.19 or apply this...

CVE-2023-28429 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field

Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie ...

CVE-2023-28429 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field

Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie ...

Pimcore 跨站脚本漏洞

Pimcore is Austria's Pimcore company's set of open source for the creation and management of Web applications Web content management platform. The platform integrates Web content management, e-commerce frameworks and product information management applications. A cross-site scripting vulnerabilit...

Subrion CMS 跨站脚本漏洞

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into a website and supports a variety of extension plugins and more. A cross-site scripting vulnerability exists in Subrion CMS version v4.2.1. An attacker exploiting this vulnerability...