Lucene search
Veracode Vulnerability DatabaseVERACODE:37264HistorySep 26, 2022 - 6:54 a.m.
Cross-Site Scripting (XSS)
2022-09-2606:54:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
pimcore
cross-site scripting
user roles
vulnerability
escaped
injection
payload
documents
assets
data objects
EPSS
0.001
Percentile
21.4%
pimcore is vulnerable to cross-site scripting. The vulnerability exists in User/Roles because the path column in Users’ Workspaces is not properly escaped allowing an attacker to inject and execute payload xss at documents, assets and data objects.
Related
prion
prion
Code injection
2022-09-21 13:15:00
huntr
huntr
Reflected XSS In User/Roles Function
2022-09-15 03:57:48
github
github
Pimcore vulnerable to cross site scripting
2022-09-22 00:00:30
cvelist
cvelist
CVE-2022-3255 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
2022-09-21 12:00:21
cve
cve
CVE-2022-3255
2022-09-21 13:15:09
nvd
nvd
CVE-2022-3255
2022-09-21 13:15:09
osv
osv
Pimcore vulnerable to cross site scripting
2022-09-22 00:00:30