XSS Stored in the email address in pimcore/pimcore
Status: Valid
Reported on Feb 14th 2023
Description
Hello, I have located a stored XSS by performing the following steps:
1 - Go to Tools
2 - GDPR Data Extractor
3 - Insert the payload into the email address
4 - Click on "send emails"
Proof of Concept
Impact
As a result, this allows an attacker to steal a user's session, take over a user account, or redirect the user to an attacker-controlled site.
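The report above (steps in Description, consequences in Impact) comes down to one defect: a value typed into an email field is stored and later written into an admin page as markup. The following JavaScript is an added example, not pimcore's code and not the reporter's proof of concept, showing the two controls that close that gap: strict validation before the value is stored, and contextual HTML encoding when it is rendered. The names `isPlausibleEmail`, `escapeHtml` and `renderRecipientRow`, and the sample addresses, are assumptions constructed for the example.

```javascript
// Added example (not pimcore code): validate an email address on input and
// HTML-encode it on output so a stored value can never become page markup.

// Deliberately strict syntactic check: one local part, one '@', a dotted
// domain, and none of the characters that carry markup (<, >, ", ', spaces).
const EMAIL_RE = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$/;

function isPlausibleEmail(value) {
  return typeof value === 'string' && value.length <= 254 && EMAIL_RE.test(value);
}

// Contextual output encoding for an HTML text node or quoted attribute value.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Builds one row of a recipient list and returns it as a string so the
// result can be inspected. Rejected input is never echoed back, even escaped.
function renderRecipientRow(email) {
  if (!isPlausibleEmail(email)) {
    return '<tr><td class="invalid">invalid email address</td></tr>';
  }
  // Validation already excludes markup characters; encoding is still applied
  // so the rendering step is safe on its own if the validation rule changes.
  return `<tr><td>${escapeHtml(email)}</td></tr>`;
}

// Constructed sample inputs: a normal address and one carrying markup characters.
const SAMPLE_OK = 'alice@example.com';
const SAMPLE_BAD = '"<b>x</b>"@example.com';

console.log(renderRecipientRow(SAMPLE_OK));
console.log(renderRecipientRow(SAMPLE_BAD));
```

The two layers are independent on purpose: validation keeps a hostile value out of storage, and encoding at the rendering site protects every other place the stored field is displayed, including ones added later.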
We are processing your report and will contact the pimcore team within 24 hours. (2 months ago)
Dan Barros modified the report. (2 months ago)
We have contacted a member of the pimcore team and are waiting to hear back. (2 months ago)
The researcher's credibility has increased: +7
The fix bounty has been dropped
This vulnerability has been assigned a CVE