CVE-2023-46722

CVE-2023-46722

The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user’s cookie and gain unauthorized access to that user’s account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 1.2.0 to receive a patch or, as a workaround, apply the patch manually.

Source: CVE-2023-46722

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다