CVE-2022-0510

Name of the Vulnerable Software and Affected Versions pimcore versions prior to 10.3.1

Description The issue is related to a lack of protection for the web page structure when handling fields in the pimcore platform, which can lead to cross-site scripting (XSS) attacks. This can allow a remote attacker to conduct reflected XSS attacks.

Recommendations For versions prior to 10.3.1, update to version 10.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable fields or components in the pimcore platform to minimize the risk of exploitation.