Cross site scripting on setting module in pimcore/pimcore

Valid

Reported on

Mar 19th 2023

Description

pimcore is vulnerable to XSS in translate module.

Proof of Concept

alt text

Step to Reproduce.

  1. Go to https://11.x-dev.pimcore.fun/admin/ and login.
  2. In the left menu bar, go to Settings -> Document Types and click on Add button to add a new record.
  3. Now click on translate. Add XSS payload in any language.
  4. No click on edit as HTML.

Payload

"><img src=x onerror=alert(document.domain);>

Impact

This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.

We are processing your report and will contact the pimcore team within 24 hours. 2 months ago
pimcore/pimcore maintainer has acknowledged this report 2 months ago
Divesh Pahuja modified the Severity from High (8) to Medium (5.1) 2 months ago
The researcher has received a minor penalty to their credibility for miscalculating the severity: -1
Divesh Pahuja validated this vulnerability 2 months ago
Rahul Parmar has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Divesh Pahuja marked this as fixed in 10.5.20 with commit 295f5e 2 months ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
Divesh Pahuja published this vulnerability 2 months ago
to join this conversation