Описание
pimcore is vulnerable to cross-site scripting in Composite indices key field
Impact
Pimcore is vulnerable to Cross site scripting vulnerability in classes module.
Patches
Update to version 10.5.20.
Workarounds
Apply the patch https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef.patch manually.
Пакеты
Наименование
pimcore/pimcore
composer
Затронутые версииВерсия исправления
< 10.5.20
10.5.20
Связанные уязвимости
CVSS3: 5.4
nvd
почти 3 года назад
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.