pimcore/admin-ui-classic-bundle Security Advisories for v1.3.3 (4)
-
[HIGH] Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
PKSA-b7yw-y21f-mjqr GHSA-hq76-662x-7mw4
Affected version: >=1.5.0,<1.5.4|>=1.4.0,<1.4.7|<1.3.11
Reported by:
GitHub -
[MEDIUM] Pimcore vulnerable to disclosure of system and database information behind /admin firewall
PKSA-hrqp-3hgd-67sf CVE-2024-41109 GHSA-fx6j-9pp6-ph36
Affected version: <=1.5.1
Reported by:
GitHub -
[MEDIUM] Vulnerable embedded jQuery Version
PKSA-n9nn-4sgj-1zw8 GHSA-jmh9-6rjq-gjh9
Affected version: <=1.4.2
Reported by:
GitHub -
[HIGH] Pimcore Host Header Injection in user invitation link
PKSA-j5bv-sdqj-vcrb CVE-2024-25625 GHSA-3qpq-6w89-f7mx
Affected version: <1.3.4
Reported by:
GitHub