Vulnerabilities > Pimcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-25 | CVE-2023-2881 | Insufficiently Protected Credentials vulnerability in Pimcore Customer-Data-Framework Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10. | 4.9 |
| 2023-05-17 | CVE-2023-2756 | SQL Injection vulnerability in Pimcore Customer Management Framework SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10. | 7.2 |
| 2023-05-16 | CVE-2023-2730 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | 5.4 |
| 2023-05-11 | CVE-2023-32075 | Unspecified vulnerability in Pimcore Customer Management Framework The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. | 4.3 |
| 2023-05-10 | CVE-2023-2629 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Pimcore Customer Management Framework Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9. | 7.8 |
| 2023-05-10 | CVE-2023-2630 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | 4.8 |
| 2023-05-10 | CVE-2023-2614 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 |
| 2023-05-10 | CVE-2023-2615 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 |
| 2023-05-10 | CVE-2023-2616 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | 5.4 |
| 2023-05-08 | CVE-2023-30855 | Path Traversal vulnerability in Pimcore Pimcore is an open source data and experience management platform. | 7.5 |