Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor authentication before is vulnerable for this attack, without need for any form of privilege, causing the application to execute arbitrary scripts/HTML content. This vulnerability has been patched in version 1.0.3.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-07-11T18:19:37.245Z
Updated: 2024-08-02T17:09:34.024Z
Reserved: 2023-06-29T19:35:26.441Z
Link: CVE-2023-37280
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-11T19:15:09.687
Modified: 2023-07-19T18:31:42.580
Link: CVE-2023-37280
Redhat
No data.