PT-2023-17183 · Pimcore · Pimcore

Published 2023-03-29 · Updated 2023-04-04 · CVE-2023-1703

CVSS v3.1: 5.3 (Medium)

Vector: AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions

pimcore/pimcore versions prior to 10.5.20

Description

The issue is related to Cross-site Scripting (XSS) - Generic in the GitHub repository pimcore/pimcore. This is a type of security vulnerability that can allow an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations

Update to version 10.5.20 to resolve the issue. As a temporary workaround, consider applying the patch https://github.com/pimcore/pimcore/commit/765832f0dc5f6cfb296a82e089b701066f27bcef.patch manually.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-1703
GHSA-3R5C-H7G6-CQW7
GHSA-4F25-2X2C-VG6V

Affected Products

Pimcore