Vulnerabilities > Pimcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-21 | CVE-2022-3255 | Cross-site Scripting vulnerability in Pimcore If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. | 4.8 |
| 2022-09-15 | CVE-2022-3211 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6. | 5.4 |
| 2022-08-23 | CVE-2022-2796 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4. | 4.8 |
| 2022-06-27 | CVE-2022-31092 | SQL Injection vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform. | 8.1 |
| 2022-04-22 | CVE-2022-1429 | SQL Injection vulnerability in Pimcore SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. | 7.5 |
| 2022-04-14 | CVE-2022-1351 | Cross-site Scripting vulnerability in Pimcore Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4. | 5.4 |
| 2022-04-13 | CVE-2022-1339 | SQL Injection vulnerability in Pimcore SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. | 7.5 |
| 2022-04-08 | CVE-2022-1219 | SQL Injection vulnerability in Pimcore SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. | 7.5 |
| 2022-03-24 | CVE-2022-0955 | Cross-site Scripting vulnerability in Pimcore Data-Hub Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4. | 4.8 |
| 2022-03-16 | CVE-2022-0705 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. | 5.4 |