Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2023-49076
HistoryNov 30, 2023 - 6:15 a.m.

CVE-2023-49076

2023-11-3006:15:46
Google
osv.dev
4
customer data
pimcore
csrf attacks
vulnerability
software update

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

20.1%

JSON

Customer-data-framework allows management of customer data within Pimcore. There are no tokens or headers to prevent CSRF attacks from occurring, therefore an attacker could abuse this vulnerability to create new customers. This issue has been patched in version 4.0.5.

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Cross site request forgery (csrf)
2023-11-30 06:15:00
cvelist
cvelist
CVE-2023-49076 Pimcore missing token/header to prevent CSRF
2023-11-30 05:42:12
cve
cve
CVE-2023-49076
2023-11-30 06:15:46
nvd
nvd
CVE-2023-49076
2023-11-30 06:15:46

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

20.1%

JSON
Related for OSV:CVE-2023-49076
prion1cvelist1cve1nvd1