CVE-2023-28850

CVSS V2 None CVSS V3 None
Description
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Version 1.5.1 has a patch. As a workaround, one may apply the patch manually.
Overview
  • CVE ID
  • CVE-2023-28850
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-03T18:15:07
  • Last Modified Date
  • 2023-04-12T18:52:35
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:pimcore:perspective_editor:*:*:*:*:*:*:*:* 1 OR 1.5.1
References
History
Created Old Value New Value Data Type Notes
2023-04-17 04:03:00 Added to TrackCVE
2023-04-17 04:03:03 Weakness Enumeration new