In Atrocore 1.5.25, the Create Import Feed option with glyphicon-glyphicon-paperclip function is vulnerable to Unauthenticated File upload.
9.8CVSS
9.3AI Score
0.003EPSS
7.5CVSS
7.5AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in AtroCore AtroPIM 1.8.4. This affects an unknown part of the file /#ProductSerie/view/ of the component Product Series Overview. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The expl...
6.1CVSS
5.9AI Score
0.001EPSS