[MEDIUM] Pimcore vulnerable to Cross Site Scripting in image/video thumbnail config

PKSA-rspc-8wxq-255d CVE-2023-1117 GHSA-qxcw-rf4v-hp26

Affected package: pimcore/pimcore

Affected version: <10.5.18

Reported by:
GitHub