Количество 2
Количество 2
CVE-2022-39365
Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contains a patch for this issue. As a workaround, one may apply the patch manually.
GHSA-5qxq-vgmm-q39m
RCE vulnerability in Pimcore/Mail & Dynamic Text Layout
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-39365 Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contains a patch for this issue. As a workaround, one may apply the patch manually. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| GHSA-5qxq-vgmm-q39m RCE vulnerability in Pimcore/Mail & Dynamic Text Layout | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу