Home > Vulnerability Database > WS-2023-0107

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

WS-2023-0107

Good to know:

Date: March 9, 2023

A Stored XSS vulnerability was found in perspective name in pimcore/perspective-editor prior to 1.5.1.

Language: PHP

Severity Score

4.0

Related Resources (2)

Url: https://github.com/pimcore/perspective-editor/commit/16979055c684ff3321cf0945d11a1b0ee1e4b8d2

Url: https://www.mend.io/vulnerability-database/WS-2023-0107

Severity Score

4.0

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Top Fix

Upgrade Version

Upgrade to version pimcore/perspective-editor - dev-optimized-perspective-creation;pimcore/perspective-editor - dev-config_deployment_improvements;pimcore/perspective-editor - dev-stale_config;pimcore/perspective-editor - dev-docs-test;pimcore/perspective-editor - dev-114-request-input-explicit;pimcore/perspective-editor - dev-issue#426;pimcore/perspective-editor - v1.5.1;pimcore/perspective-editor - dev-add-container-extension-bundle;pimcore/perspective-editor - dev-mcop1-patch-1;pimcore/perspective-editor - v1.3.1;pimcore/perspective-editor - dev-78-improvement-replace-plugins-with-event-listener;pimcore/perspective-editor - dev-132-bug-removal-of-set-checkmarks-in-the-forbidden-dashboards-not-possible;pimcore/perspective-editor - v1.1.1

Learn More

CVSS v3.1

Base Score:	4.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

WS-2023-0107

Good to know:

Date: March 9, 2023

Language: PHP

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?