pimcore/pimcore Security Advisories for v6.6.4 (87)
-
Reported by:
GitHub -
Pimcore Cross-site Scripting (XSS) vulnerability in Admin Translations
Affected version: <10.5.21
Reported by:
GitHub -
Pimcore Cross-site Scripting (XSS) in Static Routes name field
Affected version: <10.5.21
Reported by:
GitHub -
Pimcore Cross-site Scripting (XSS) in name field of Custom Reports
Affected version: <10.5.21
Reported by:
GitHub -
Pimcore Cross-site Scripting (XSS) in Predefined Properties delete
Affected version: <10.5.21
Reported by:
GitHub -
Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php
Affected version: <10.5.18
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Cross-site Scripting (XSS) in DataObject Any Getter grid operator
Affected version: <10.5.21
Reported by:
GitHub -
Reported by:
GitHub -
Cross-site Scripting (XSS) in Conditions tab of Pricing Rules
Affected version: <10.5.21
Reported by:
GitHub -
Cross-site Scripting (XSS) in DataObjects QuantityValue Unit Definition
Affected version: <10.5.21
Reported by:
GitHub -
Cross-site Scripting (XSS) in pimcore via DataObject Class date fields
Affected version: <10.5.21
Reported by:
GitHub -
Cross-site Scripting (XSS) in Ecommerce Pricing Rules name field
Affected version: <10.5.21
Reported by:
GitHub -
Cross-site Scripting (XSS) in Document Properties Parameter
Affected version: <10.5.21
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Cross-site Scripting (XSS) in Admin Login too many attempts notice
Affected version: <10.5.21
Reported by:
GitHub -
Cross-site Scripting (XSS) in DataObject Classification Store
Affected version: <10.5.21
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
pimcore is vulnerable to cross-site scripting in Composite indices key field
Affected version: <10.5.20
Reported by:
GitHub -
Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings
Affected version: <10.5.20
Reported by:
GitHub -
Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings
Affected version: <10.5.20
Reported by:
GitHub -
pimcore is vulnerable to cross-site scripting in translate module
Affected version: <10.5.20
Reported by:
GitHub -
Pimcore vulnerable to improper quoting of filters in Custom Reports
Affected version: <10.5.19
Reported by:
GitHub -
Pimcore Remote Code Execution vulnerability in Search function
Affected version: <10.5.19
Reported by:
GitHub -
Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field
Affected version: <10.5.19
Reported by:
GitHub -
Pimcore vulnerable to Cross-site Scripting (XSS) in Redirects
Affected version: <10.5.19
Reported by:
GitHub -
Pimcore has Cross site Scripting vulnerability in Schedule tab of Documents
Affected version: <10.5.19
Reported by:
GitHub -
Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model
Affected version: <10.5.19
Reported by:
GitHub -
Reported by:
GitHub -
Reflected XSS in Application Logger module
Affected version: <10.5.19
Reported by:
GitHub -
Reported by:
GitHub -
Cross-site Scripting (XSS) - stored in Print Documents
Affected version: <10.5.19
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Pimcore vulnerable to Cross Site Scripting in Email Blacklist
Affected version: <10.5.18
Reported by:
GitHub -
Pimcore vulnerable to Cross Site Scripting in image/video thumbnail config
Affected version: <10.5.18
Reported by:
GitHub -
Pimcore vulnerable to Cross Site Scripting in Documents Link Editable
Affected version: <10.5.18
Reported by:
GitHub -
Reported by:
GitHub -
Cross Site Scripting (XSS) in Model\DataObject\Data\UrlSlug
Affected version: <10.5.17
Reported by:
GitHub -
Reported by:
GitHub -
Pimcore contains Unrestricted Upload of File with Dangerous Type
Affected version: <10.5.16
Reported by:
GitHub -
pimcore is vulnerable to cross-site scripting via "title field " in data objects
Affected version: <10.5.14
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Pimcore vulnerable to stored stored Cross-site Scripting via`properties` when creating new users
Affected version: <10.5.6
Reported by:
GitHub -
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
Affected version: <10.4.4
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Exposure of Sensitive Information to an Unauthorized Actor in pimcore
Affected version: <10.3.1
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub -
Improper Neutralization of Text-Values in Object Version Preview
Affected version: <10.1.1
Reported by:
GitHub -
Improper Encoding or Escaping of Output in Asset Metadata Component
Affected version: <10.1.1
Reported by:
GitHub -
Improper Neutralization of Formula Elements in a CSV File in pimcore/pimcore
Affected version: <10.1.1
Reported by:
GitHub -
CKEditor 4 vulnerabilities in versions <4.16.1
Affected version: <10.1.1
Reported by:
GitHub -
Reported by:
GitHub -
Reported by:
GitHub