What the vulnerability does
01Description
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.
CVE-2022-0510
MEDIUM
CVE-2022-0510: Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
CVSS base score
4.3/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Key dates
02Disclosure timeline
February 8, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-30575 WordPress Login Redirect plugin <= - 1.0.5 Cross Site Scripting (XSS) Vulnerability
CVE-2023-3410 Bricks <= 1.10.1 - Authenticated (Bricks Page Builder Access+) Stored Cross-Site Scripting
CVE-2021-24479 DrawBlog <= 0.90 - Authenticated Stored Cross-Site Scripting (XSS)
CVE-2026-44655 MantisBT: Stored XSS on Move Attachments Admin Page
CVE-2025-0837 Puzzles <= 4.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
