pkg:Packagist/pimcore/customer-management-framework-bundle

9 total CVEsHIGH3MEDIUM6

✅ Check your installed version

All known vulnerabilities

  • HIGH7.8CVE-2023-2629Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection
    from 0, < 3.3.9
  • HIGH7.2CVE-2024-11956pimcore/customer-data-framework vulnerable to SQL Injection
    from 0, < 4.2.1
  • HIGH7.2CVE-2023-2756pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query
    from 0, < 3.3.10
  • MEDIUM6.7CVE-2023-2881Pimcore customers' list user password hash is disclosed
    from 0, < 3.3.10
  • MEDIUM6.5CVE-2024-21667Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts
    from 0, < 4.0.6
  • MEDIUM6.5CVE-2024-21666Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list
    from 0, < 4.0.6
  • MEDIUM6.5CVE-2023-4145pimcore/customer-management-framework-bundle Cross-site Scripting vulnerability in Segment name
    from 0, < 3.4.2
  • MEDIUM6.5CVE-2023-3574Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller
    from 0, < 3.4.1
  • MEDIUM4.3CVE-2023-32075Pimcore vulnerable to Business Logic Errors via Customer automation rules
    from 0, < 3.3.9