Vulnerabilities > Pimcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-46722 | Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. | 6.1 |
| 2023-10-31 | CVE-2023-5873 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0. | 5.4 |
| 2023-10-30 | CVE-2023-5844 | Improper Authentication vulnerability in Pimcore Admin Classic Bundle Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | 7.2 |
| 2023-09-27 | CVE-2023-5192 | Excessive Data Query Operations in a Large Data Table vulnerability in Pimcore Core Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0. | 6.5 |
| 2023-09-25 | CVE-2023-42817 | Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. | 5.4 |
| 2023-08-21 | CVE-2023-4453 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8. | 5.4 |
| 2023-08-04 | CVE-2023-38708 | Path Traversal vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. | 8.8 |
| 2023-08-03 | CVE-2023-4145 | Cross-site Scripting vulnerability in Pimcore Customer Data Framework Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. | 5.4 |
| 2023-07-21 | CVE-2023-3819 | Information Exposure vulnerability in Pimcore Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4. | 6.5 |
| 2023-07-21 | CVE-2023-3820 | SQL Injection vulnerability in Pimcore SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4. | 7.2 |