What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0705
MEDIUM
CVE-2022-0705: Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVSS base score
4.2/10
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Key dates
02Disclosure timeline
March 16, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2022-3136 Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting
CVE-2023-31071 WordPress Modal Dialog Plugin <= 3.5.14 is vulnerable to Cross Site Scripting (XSS)
CVE-2025-4293 MRCMS Group Edit Page edit.do cross site scripting
CVE-2023-52203 WordPress CformsII Plugin <= 15.0.5 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-48619 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
