pimcore/pimcore Security Advisories for v10.6.9 (3)
-
[HIGH] Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
PKSA-kcqp-44r9-qh72 GHSA-hq76-662x-7mw4
Affected version: >=11.1.0.0,<11.1.6.11|>=10.6.9.0,<10.6.9.12
Reported by:
GitHub -
[HIGH] Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()
PKSA-d1ts-d4yt-xjz4 CVE-2023-47637 GHSA-72hh-xf79-429p
Affected version: <11.1.1
Reported by:
GitHub -
[MEDIUM] Pimcore Cross-site Scripting vulnerability
PKSA-17vx-xhyz-z3x1 CVE-2023-5873 GHSA-j59v-hh4p-q92m
Affected version: <11.1.0
Reported by:
GitHub