CVE-2019-18982
N/A
N/A
Summary
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/pimcore/pimcore/commit/e0b48faf7d29ce43a98825a0b230e88350ebcf78
- https://github.com/pimcore/pimcore/compare/v6.2.3…v6.3.0
References
- https://github.com/pimcore/pimcore/commit/e0b48faf7d29ce43a98825a0b230e88350ebcf78
- https://github.com/pimcore/pimcore/compare/v6.2.3…v6.3.0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.