pimcore/admin-ui-classic-bundle Security Advisories for v1.3.0 (3)
-
[HIGH] Pimcore Host Header Injection in user invitation link
PKSA-j5bv-sdqj-vcrb CVE-2024-25625 GHSA-3qpq-6w89-f7mx
Affected version: <1.3.4
Reported by:
GitHub -
[MEDIUM] Pimcore Admin Classic Bundle permissions are not getting checked when working with tags
PKSA-wknz-tj3m-bc21 CVE-2024-24822 GHSA-3rfr-mpfj-2jwq
Affected version: <1.3.3
Reported by:
GitHub -
[HIGH] SQL Injection in Admin download files as zip
PKSA-5dxj-4z94-j8h2 CVE-2024-23646 GHSA-cwx6-4wmf-c6xv
Affected version: >=1.0.0,<1.3.2
Reported by:
GitHub