CVE-2021-37702
Published
CVSS v3
8
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
Pimcore is an open source data & experience management platform. Prior to version 10.1.1, Data Object CSV import allows formular injection. The problem is patched in 10.1.1. Aside from upgrading, one may apply the patch manually as a workaround.
Core Framework for the Open Core Data & Experience Management Platform (PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce)
GitHub