CVE-2023-1704: Cross-site Scripting (XSS) - Stored in pimcore/pimcore
First published: Wed Mar 29 2023(Updated: )
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pimcore E-commerce Framework | <10.5.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID is CVE-2023-1704.
What is the severity rating of CVE-2023-1704?
The severity rating of CVE-2023-1704 is medium with a severity value of 5.4.
What is the description of CVE-2023-1704?
CVE-2023-1704 is a cross-site scripting (XSS) vulnerability that is stored in the GitHub repository pimcore/pimcore prior to version 10.5.20.
Which software versions are affected by CVE-2023-1704?
The versions of Pimcore prior to 10.5.20 are affected by CVE-2023-1704.
How can I fix CVE-2023-1704?
To fix CVE-2023-1704, you should update your Pimcore software to version 10.5.20 or higher.
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/author
- agent/weakness
- agent/severity
- agent/title
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/pimcore
- canonical/pimcore e-commerce framework