CVE-2022-2796

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*

History

24 Aug 2022, 19:56

Type Values Removed Values Added
CPE cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.8
First Time Pimcore
Pimcore pimcore
References (MISC) https://github.com/pimcore/pimcore/commit/2fd46859c1def6b5ab79ae2b9cb88c309769443d - (MISC) https://github.com/pimcore/pimcore/commit/2fd46859c1def6b5ab79ae2b9cb88c309769443d - Patch, Third Party Advisory
References (CONFIRM) https://huntr.dev/bounties/69d56ec3-8370-44cf-9732-4065e3076097 - (CONFIRM) https://huntr.dev/bounties/69d56ec3-8370-44cf-9732-4065e3076097 - Exploit, Patch, Third Party Advisory

23 Aug 2022, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-08-23 08:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-2796

Mitre link : CVE-2022-2796

CVE.ORG link : CVE-2022-2796


JSON object : View

Products Affected

pimcore

  • pimcore
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')