Security Advisory

CVE-2021-39166

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-01 14:00:11

Last updated 2024-08-04 01:58:18

Assigner GitHub_M

State PUBLISHED

Description

Pimcore is an open source data & experience management platform. Prior to version 10.1.2, text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources. This issue is patched in Pimcore version 10.1.2.

← Browse all CVEs View on cve.org ↗