Pimcore 10.5.19
Approved changes feed: RSS · Atom
cpe:2.3:a:pimcore:pimcore:10.5.19:*:*:*:*:*:*:*
part: a version: 10.5.19 update: *
| Vendor | Pimcore (115a8b86-56a6-5ce9-b491-b05cfe687e20) |
|---|---|
| Product | Pimcore (70618b30-ec6d-5901-aa33-9baa2b8d5f5b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/pimcore/pimcore |
purl2cpe | 2026-06-01 10:15:13.508766 |
pkg:sourceforge/pimcore |
purl2cpe | 2026-06-01 10:15:13.508767 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-2332 |
vulnerable | 2026-06-03 14:51:42.899687 |
Stored Cross-site Scripting (XSS) in pimcore/pimcore
MEDIUM (4)
A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date Range section, allowing an attacker to inject malicious scripts. This can lead to the execution of arbitrary JavaScript code in the context of the user's browser, potentially stealing cookies or redirecting users to malicious sites. The issue is fixed in version 10.5.21.
Published: 2024-11-15T10:57:19.795Z
Updated: 2024-11-15T21:00:49.061Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.