CVE-2023-3822

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 21, 2023

Updated: Jul 26, 2023

CWE ID 79

Summary

CVE-2023-3822 is a Cross-Site Scripting (XSS) vulnerability affecting the GitHub repository pimcore/pimcore before version 10.6.4. An attacker could exploit this issue by injecting malicious scripts into a webpage viewed by other users, potentially leading to stolen information or unauthorized actions. This XSS flaw poses a significant risk, as it can be triggered through specially crafted URLs or user input. Users are advised to upgrade to the patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Pimcore

Affected Vendors

Pimcore

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sEhn1A
https://www.cve.org/CVERecord?id=CVE-2023-3822
https://nvd.nist.gov/vuln/detail/CVE-2023-3822

Back to Vulnerability Database