CVE-2024-11954

MEDIUM Year: 2024
CVSS v3 Score
2.4
Low
CVSS v2 Score
3.3
Low
Weakness Type
CWE-74
View all →

Vulnerability Description

A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2020-15185

LOW
CVSS:2.7(Low)

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access th...

CWE-742020

CVE-2024-37253

LOW
CVSS:2.7(Low)

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Director...

CWE-742024

CVE-2024-6470

MEDIUM
CVSS:2.7(Low)

A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php?app=main&inc=feature_inboxgroup&op=list of the...

CWE-742024

CVE-2015-7466

LOW
CVSS:3.1(Low)

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass inte...

CWE-742015

CVE-2016-8720

LOW
CVSS:3.1(Low)

An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can in...

CWE-742016

CVE-2022-29816

LOW
CVSS:3.2(Low)

In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible

CWE-742022