XSS Stored in perspective name in pimcore/perspective-editor
Valid
Reported on
Mar 9th 2023
Description
Hello team,
I found an xss stored when adding a perspective name as shown in the gif below
Proof of Concept
Impact
Execute scripts
Occurrences
We are processing your report and will contact the
pimcore/perspective-editor
team within 24 hours.
3 months ago
We have contacted a member of the
pimcore/perspective-editor
team and are waiting to hear back
3 months ago
The researcher's credibility has increased: +7
The fix bounty has been dropped
This vulnerability will not receive a CVE
phpstan-bootstrap.php#L2
has been validated
to join this conversation