Vulnerabilities > Pimcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-21 | CVE-2023-4453 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8. | 5.4 |
| 2023-08-04 | CVE-2023-38708 | Path Traversal vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. | 8.8 |
| 2023-08-03 | CVE-2023-4145 | Cross-site Scripting vulnerability in Pimcore Customer Data Framework Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. | 5.4 |
| 2023-07-21 | CVE-2023-3819 | Information Exposure vulnerability in Pimcore Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4. | 6.5 |
| 2023-07-21 | CVE-2023-3820 | SQL Injection vulnerability in Pimcore SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4. | 7.2 |
| 2023-07-21 | CVE-2023-3821 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4. | 5.4 |
| 2023-07-21 | CVE-2023-3822 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4. | 6.1 |
| 2023-07-14 | CVE-2023-3673 | SQL Injection vulnerability in Pimcore SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.24. | 7.2 |
| 2023-07-11 | CVE-2023-37280 | Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle 1.0.0/1.0.1/1.0.2 Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. | 6.1 |
| 2023-07-10 | CVE-2023-3574 | Unspecified vulnerability in Pimcore Customer Management Framework Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1. | 6.5 |