Pimcore is an open source data & experience management platform. A SQL injection was discovered in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6.

Affected Packages

Packagist pimcore/pimcore

Affected versions: 0 (fixed in 10.3.6)

Related CVEs

CVE-2022-1429

Key Information

GHSA ID

GHSA-2v7p-f4qm-r5pc

Published

April 23, 2022 12:03 AM

Last Modified

May 3, 2022 9:01 PM

CVSS Score

7.5 /10

Primary Ecosystem

Packagist

Primary Package

pimcore/pimcore

GitHub Reviewed

✓ Yes

Dataset

Last updated: November 25, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.