A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the…
VulDB·CWE-79·Published 2025-01-28
In Pimcore 11.4.2 wurde eine problematische Schwachstelle entdeckt. Es geht um eine nicht näher bekannte Funktion der Komponente Search Document. Durch das Manipulieren mit unbekannten Daten kann eine basic cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
### Summary A Stored Cross-Site Scripting (XSS) vulnerability in PIMCORE allows remote attackers to inject arbitrary web script or HTML via the PDF upload functionality. This can result in the execution of malicious scripts in the context of the user's browser when the PDF is viewed, leading to potential session hijacking, defacement of web pages, or unauthorized access to sensitive information. ### Details The vulnerability is present in the PDF upload functionality of the PIM Core Upload module. When a user uploads a PDF file, the application fails to properly sanitize the content, allowing embedded scripts to be executed when the PDF is viewed. The affected code is located in the file handling and rendering logic of the PDF upload feature. ### PoC 1. Log in as Administrator  2. Hover to Assets  3. Right click and click "Add Asset(s) > upload files  4. Upload malicious pdf  5. Click on search and select document  6. copy the path and open to a new tab [https://demo.pimcore.fun/admin/Sample C](https://demo.pimcore.fun/Sample%20Content/Documents/xssmaeitsec.pdf)  7. XSS PDF can be access without authentication.  Image showing no cookies indicator that there are no session currently in  ### Impact This is a Stored Cross-Site Scripting (XSS) vulnerability. It impacts any user who views the malicious PDF, potentially leading to session hijacking, defacement of web pages, or unauthorized access to sensitive information. The severity is high due to the potential for significant impact on confidentiality and integrity.
### Summary A Stored Cross-Site Scripting (XSS) vulnerability in PIMCORE allows remote attackers to inject arbitrary web script or HTML via the PDF upload functionality. This can result in the execution of malicious scripts in the context of the user's browser when the PDF is viewed, leading to potential session hijacking, defacement of web pages, or unauthorized access to sensitive information. ### Details The vulnerability is present in the PDF upload functionality of the PIM Core Upload module. When a user uploads a PDF file, the application fails to properly sanitize the content, allowing embedded scripts to be executed when the PDF is viewed. The affected code is located in the file handling and rendering logic of the PDF upload feature. ### PoC 1. Log in as Administrator  2. Hover to Assets  3. Right click and click "Add Asset(s) > upload files  4. Upload malicious pdf  5. Click on search and select document  6. copy the path and open to a new tab [https://demo.pimcore.fun/admin/Sample C](https://demo.pimcore.fun/Sample%20Content/Documents/xssmaeitsec.pdf)  7. XSS PDF can be access without authentication.  Image showing no cookies indicator that there are no session currently in  ### Impact This is a Stored Cross-Site Scripting (XSS) vulnerability. It impacts any user who views the malicious PDF, potentially leading to session hijacking, defacement of web pages, or unauthorized access to sensitive information. The severity is high due to the potential for significant impact on confidentiality and integrity.
En Pimcore 11.4.2 se ha detectado una vulnerabilidad clasificada como problemática. Esta vulnerabilidad afecta a una funcionalidad desconocida del componente Search Document. La manipulación conduce a la ejecución de Cross Site Scripting básica. El ataque se puede ejecutar de forma remota. El exploit se ha hecho público y puede utilizarse.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | cve.org | 3.3 | — | — | AV:N/AC:L/Au:M/C:N/I:P/A:N |
| 2.0 | Primary | cve.org | 3.3 | — | — | AV:N/AC:L/Au:M/C:N/I:P/A:N |
| 2.0 | Secondary | NVD | 3.3 | 6.4 | 2.9 | AV:N/AC:L/Au:M/C:N/I:P/A:N |
| 3.0 | Primary | cve.org | 2.4 | — | — | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
| 3.0 | Primary | cve.org | 2.4 | — | — | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Primary | NVD | 4.8 | 1.7 | 2.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
| 3.1 | Primary | cve.org | 2.4 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Primary | cve.org | 2.4 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Secondary | GHSA | 8.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N |
| 3.1 | Secondary | NVD | 2.4 | 0.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
| 4.0 | Primary | cve.org | 5.1 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| 4.0 | Primary | cve.org | 5.1 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 5.1 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |