CVE-2023-3822

Name of the Vulnerable Software and Affected Versions pimcore/pimcore versions prior to 10.6.4

Description The issue is related to Cross-site Scripting (XSS) - Reflected, which can be exploited by a remote attacker to conduct inter-site script attacks. This is due to the lack of protection measures for the web page structure in the PHP platform pimcore.

Recommendations For versions prior to 10.6.4, update to version 10.6.4 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the web application to minimize the risk of exploitation.