CVE-2023-3821

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 21, 2023

Updated: Jul 26, 2023

CWE ID 863

Summary

CVE-2023-3821 is a Cross-Site Scripting (XSS) vulnerability affecting the GitHub repository pimcore/pimcore before version 10.6.4. An attacker could inject malicious scripts into a webpage viewed by other users, potentially stealing sensitive information or taking control of their accounts. This stored XSS issue poses a significant risk and requires immediate attention for users running an affected version of the software. Upgrading to the latest patch level is strongly recommended to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Commerce

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-y7QL
https://www.cve.org/CVERecord?id=CVE-2023-3821
https://nvd.nist.gov/vuln/detail/CVE-2023-3821

Back to Vulnerability Database