Vulnerabilities > Pimcore > Pimcore > 10.2.5

DATE CVE VULNERABILITY TITLE RISK
2022-01-18 CVE-2022-0260 Cross-site Scripting vulnerability in Pimcore
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7.
network
pimcore CWE-79
3.5
3.5
2022-01-17 CVE-2022-0256 Cross-site Scripting vulnerability in Pimcore
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
pimcore CWE-79
3.5
3.5
2022-01-17 CVE-2022-0257 Cross-site Scripting vulnerability in Pimcore
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
pimcore CWE-79
3.5
3.5
2022-01-17 CVE-2022-0258 SQL Injection vulnerability in Pimcore
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
network
low complexity
pimcore CWE-89
6.5
6.5