XSS in Document Types module in Settings in pimcore/pimcore
Mar 11th 2023
pimcore is vulnerable to XSS at Name field in Document Types module in Settings.
"><img src=x onerror=alert(document.domain);>
Proof of Concept
https://11.x-dev.pimcore.fun/admin/ and login.
2.In the left menu bar, go to Settings -> Document Types and click on Add button to add a new record.
3.Edit the New Document Types by the payload
"><img src=x onerror=alert(document.domain);> into the Name field.
4.Click on delete icon (X) on that new added record, you will see the XSS popup triggers.
This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.
Divesh Pahuja validated this vulnerability 15 days ago
KhanhCM has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Divesh Pahuja marked this as fixed in 10.5.19 with commit 7588c3 15 days ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
to join this conversation