GHSA-v567-q267-phpg

GitHub Security Advisory

pimcore is vulnerable to Cross-site Scripting

✓ GitHub Reviewed MODERATE Has CVE

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Packagist pimcore/pimcore

Affected versions: 0 (fixed in 10.2.9)

CVE-2022-0257

GHSA ID

GHSA-v567-q267-phpg

Published

January 21, 2022 11:50 PM

Last Modified

January 25, 2022 8:49 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

pimcore/pimcore

GitHub Reviewed

✓ Yes

Last updated: November 25, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.