Latest Security News about pimcore before 6 3 0

SQL Injection attack in pimcore before 6.3.0

Overview : Pimcore¬†data leakage Flaws through SQL Injection Affected Product(s) : pimcore/pimcore before 6.3.0 Vulnerability Details : CVE ID : CVE-2019-10763 pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via ‘id’, ‘storeId’, […]