CVE-2019-18656

pimcore/pimcore

on github

Published

October 31, 2019

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

Pimcore 6.2.3 has XSS in the translations grid because bundles/AdminBundle/Resources/public/js/pimcore/settings/translations.js mishandles certain HTML elements.

References

https://github.com/pimcore/pimcore/commit/ca036e9f86bb5cdb3dac0930ec131e5f35e26c5f

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:pimcore:pimcore:6.2.3:::::::*	n/a	n/a	6.2.3

External Links

NVD - CVE-2019-18656