XSS in HTML-Tags in pimcore/pimcore
Jan 31st 2023
Cross-site scripting vulnerability in pimcore/pimcore in HTML-Tags of "SEO & Settings"
Proof of Concept
1. Log in to the stable account URL: https://demo.pimcore.fun/admin/?_dc=1675166039&perspective=
2. Go to Home ---> SEO & Settings
3. Enter Payload in HTML-Tags

For more understanding, please check the POC: https://drive.google.com/file/d/18_sFHJXEZyubEZ3MO6KK1oBtDZ_BuXpR/view?usp=sharing
The vulnerability is capable of stealing the user's cookie.
The researcher has received a minor penalty to their credibility for miscalculating the severity: -1
Divesh Pahuja validated this vulnerability 15 days ago
Sanket Salavi has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Divesh Pahuja marked this as fixed in 11.0.0 with commit da2af2 15 days ago
This vulnerability has been assigned a CVE
commented 6 days ago
I don't agree with this classification. This is by no means a 5.2 or even worth a CVE. The Process is only available for logged-in users and can be disabled by permission. By the logic of this "bug" an "in-tool" file editor is worth a CVE as well.