What the vulnerability does
01Description
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.19.
CVE-2023-1517
MEDIUM
CVE-2023-1517: Cross-site Scripting (XSS) - DOM in pimcore/pimcore
CVSS base score
4.0/10
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
March 20, 2023
CVE published
February 26, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-23876 WordPress WP krpano plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2021-24569 Cookie Notice & Compliance for GDPR / CCPA < 2.1.2 - Admin+ Stored Cross-Site Scripting
CVE-2023-0258 SourceCodester Online Food Ordering System Category List cross site scripting
CVE-2018-0145
CVE-2023-49572 XSS vulnerability in VX Search Enterprise
