CVE-2023-0323

CVSS V2 None CVSS V3 None
Description
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.14.
Overview
  • CVE ID
  • CVE-2023-0323
  • Assigner
  • security@huntr.dev
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-16T15:15:10
  • Last Modified Date
  • 2023-01-24T16:22:22
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:* 1 OR 10.5.14
References
Reference URL Reference Tags
https://github.com/pimcore/pimcore/commit/746fac1a342841624f63ab13edcd340358e1bc04
https://huntr.dev/bounties/129d6a4b-0504-4de1-a72c-3f12c4552343
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-0323
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0323
History
Created Old Value New Value Data Type Notes
2023-01-16 16:16:55 Added to TrackCVE
2023-01-16 16:16:55 Weakness Enumeration new
2023-01-17 14:15:08 2023-01-17T13:24:41 CVE Modified Date updated
2023-01-17 14:15:08 Received Awaiting Analysis Vulnerability Status updated
2023-01-17 14:15:12 CVSS V3 information new
2023-01-20 21:14:00 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-20 21:14:04 CVSS V3 information new
2023-01-24 18:12:46 2023-01-24T16:22:22 CVE Modified Date updated
2023-01-24 18:12:46 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-24 18:12:49 CPE Information updated
2023-01-24 18:12:50 CVSS V3 information new