XSS in Classes of Data Objects module in Settings in pimcore/pimcore
Mar 26th 2023
pimcore is vulnerable to XSS in the fromDate and toDate fields in the Classes of Data Objects module in Settings.
"><img src=x onerror=alert(document.domain);>
Proof of Concept
1. Go to https://11.x-dev.pimcore.fun/admin/ and log in.
2. In the left menu bar, go to Settings -> Data Objects -> Classes and click on any class.
3. In the newly opened tab, click on the fromDate or toDate section, then enter the payload "><img src=x onerror=alert(document.domain);> into the Default value field.
4. Click the Save button, then click on the input field again. The XSS popup triggers.
This vulnerability can be used to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie, or to redirect users to other malicious sites.
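
One way to close this class of bug, shown as an added example that is not Pimcore's code or its actual fix: validate the date field's default value against an allowlist on save, and encode it when it is written into markup. It assumes the stored value is rendered inside a quoted HTML attribute (which the `">` prefix of the payload suggests) and that dates use a YYYY-MM-DD format; all function names are hypothetical.

```javascript
// Added example, not Pimcore code. Function names and the date format are assumptions.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that are significant in HTML text and quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Allowlist validation: a date field's default must be empty or a real
// calendar date in YYYY-MM-DD form (assumed format).
function isValidDateDefault(value) {
  if (value === '') return true;
  const m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(value);
  if (!m) return false;
  const [y, mo, d] = m.slice(1).map(Number);
  const dt = new Date(Date.UTC(y, mo - 1, d));
  return dt.getUTCFullYear() === y && dt.getUTCMonth() === mo - 1 && dt.getUTCDate() === d;
}

// Vulnerable pattern: the stored value is concatenated raw into an attribute.
function renderInputUnsafe(name, value) {
  return '<input name="' + name + '" value="' + value + '">';
}

// Hardened pattern: every dynamic value is encoded at output time.
function renderInputSafe(name, value) {
  return '<input name="' + escapeHtml(name) + '" value="' + escapeHtml(value) + '">';
}

// Save handler sketch: reject non-date input before it is ever stored.
function saveDefaultValue(store, field, value) {
  if (!isValidDateDefault(value)) {
    return { ok: false, error: 'default value for ' + field + ' must be YYYY-MM-DD' };
  }
  store[field] = value;
  return { ok: true };
}

// Payload quoted in the report above, used here only as test input.
const PAYLOAD = '"><img src=x onerror=alert(document.domain);>';
```

Validation on save stops new malicious values from being stored; output encoding still matters because values saved before the check was introduced remain in the class definition.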