Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7321
HistoryAug 17, 2018 - 6:40 a.m.

Cross-site Scripting (XSS)

2018-08-1706:40:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4

EPSS

0.003

Percentile

68.4%

pimcore/pimcore is vulnereable to cross-site scripting (XSS) attacks. The library does not sanitize the text fields in multiple pop-up dialogs, allowing a malicious user to inject and execute arbitrary Javascript.