CVE-2025-27617

Publication date

2025-03-11 15:35:51

Family

GitHub_M

State

PUBLISHED

Description

Pimcore is an open source data and experience management platform. Prior to version 11.5.4, authenticated users can craft a filter string used to cause a SQL injection. Version 11.5.4 fixes the issue.