Security Advisory

CVE-2021-39170

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-01 14:10:12

Last updated 2024-08-04 01:58:18

Assigner GitHub_M

State PUBLISHED

Description

Pimcore is an open source data & experience management platform. Prior to version 10.1.2, an authenticated user could add XSS code as a value of custom metadata on assets. There is a patch for this issue in Pimcore version 10.1.2. As a workaround, users may apply the patch manually.

← Browse all CVEs View on cve.org ↗