CVE-2022-0263

Name of the Vulnerable Software and Affected Versions pimcore/pimcore versions prior to 10.2.7

Description The issue is related to the unrestricted upload of files with dangerous types. This could potentially lead to security risks. The estimated number of affected devices and real-world incidents are not specified.

Recommendations For versions prior to 10.2.7, update to version 10.2.7 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only allow safe file types until a patch is applied. Restrict access to the file upload feature to minimize the risk of exploitation.