← All advisories

Moderate severityNVD Advisory· Published Aug 21, 2023· Updated Oct 3, 2024

Cross-site Scripting (XSS) - Reflected in pimcore/pimcore

CVE-2023-4453

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
pimcore/pimcorePackagist	< 10.6.8	10.6.8

Affected products

2

ghsa-coords
pkg:composer/pimcore/pimcore
Range: < 10.6.8
Pimcore/Pimcorecpe-rescue
Range: unspecified

Patches

Vulnerability mechanics

References

5

github.com/advisories/GHSA-599v-h3q5-g6r9ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2023-4453ghsaADVISORY
github.com/pimcore/pimcore/commit/234c0c02ea7502071b00ab673fbe4a6ac253080eghsaWEB
github.com/pimcore/pimcore/security/advisories/GHSA-599v-h3q5-g6r9ghsaWEB
huntr.dev/bounties/245a8785-0fc0-4561-b181-fa20f869d993ghsaWEB

News mentions

0

No linked articles in our index yet.