CVE-2018-14058

Published: 17/08/2018 Updated: 12/10/2018
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

Pimcore prior to 5.3.0 allows SQL Injection via the REST web service API.

Vulnerable Product

pimcore pimcore

Exploits

SEC Consult Vulnerability Lab Security Advisory < 20180813-0 >
=======================================================================
title: SQL Injection, XSS & CSRF vulnerabilities
product: Pimcore
vulnerable version: 5.2.3 and below
fixed version: 5.3.0
CVE number: CVE-2018-14057, CVE-2018-140 ...

Pimcore versions 5.2.3 and below suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities ...

Mailing Lists

Full Disclosure mailing list archives: SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore ...