CVE-2023-0827

Description

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17.

How to fix CVE-2023-0827

To remediate CVE-2023-0827, upgrade the affected package to a fixed version below.

• Packagist/pimcore/pimcore—upgrade to 1.5.17 or later

Is CVE-2023-0827 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.5.17

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-0827
• PATCHgithub.com/pimcore/pimcore
• WEBgithub.com/pimcore/pimcore/commit/f4050586136cb4c44e3d6042111a1b87b340df95
• WEBhuntr.dev/bounties/75bc7d07-46a7-4ed9-a405-af4fc47fb422