CVE-2025-27617: Pimcore Vulnerable to SQL Injection in getRelationFilterCondition
First published: Tue Mar 11 2025(Updated: )
### Summary Authenticated users can craft a filter string used to cause a SQL injection. ### Details _Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._ This code does not look to sanitize inputs: https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Extension/RelationFilterConditionParser.php#L29-L47 c.f. with https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Multiselect.php#L332-L347 ### PoC _Complete instructions, including specific configuration details, to reproduce the vulnerability._ ### Impact _What kind of vulnerability is it? Who is impacted?_
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pimcore E-commerce Framework | <11.5.4 | |
| composer/pimcore/pimcore | <11.5.4 | 11.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/pimcore/pimcore/security/advisories/GHSA-qjpx-5m2p-5pgh
- https://github.com/pimcore/pimcore/commit/19a8520895484e68fd254773e32476565d91deea
- https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Extension/RelationFilterConditionParser.php#L29-L47
- https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Multiselect.php#L332-L347
- https://nvd.nist.gov/vuln/detail/CVE-2025-27617
- https://github.com/advisories/GHSA-qjpx-5m2p-5pgh (Advisory)
Frequently Asked Questions
What is the severity of CVE-2025-27617?
The severity of CVE-2025-27617 is considered to be high due to the potential for SQL injection vulnerabilities, which can lead to data compromise.
How do I fix CVE-2025-27617?
To fix CVE-2025-27617, upgrade to Pimcore version 11.5.4 or later where the vulnerability has been addressed.
Who is affected by CVE-2025-27617?
CVE-2025-27617 affects users of Pimcore versions prior to 11.5.4 who employ certain filter strings.
What kind of attack does CVE-2025-27617 allow?
CVE-2025-27617 allows authenticated users to conduct SQL injection attacks through crafted filter strings.
Is there a workaround for CVE-2025-27617?
There are no documented workarounds for CVE-2025-27617; upgrading to the patched version is the recommended approach.
- agent/title
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-qjpx-5m2p-5pgh
- alias/CVE-2025-27617
- agent/softwarecombine
- agent/references
- agent/description
- agent/event
- collector/nvd-cve
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/github-advisory
- vendor/pimcore
- canonical/pimcore e-commerce framework
- package-manager/composer