HIGH🇵🇱 Wersja polska

CVE-2023-5844

CVSS 7.2v3.1pub. 2023-10-30upd. 2025-11-28

Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Pimcore Admin Classic Bundle

    APP
    Pimcore
    ≤ 1.1.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-25625HIGH8.1ten sam produkt

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been ...

CVE-2024-23648HIGH8.8ten sam produkt

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality...

CVE-2024-23646HIGH8.8ten sam produkt

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to ...

CVE-2023-49075HIGH8.4ten sam produkt

The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorConditio...

CVE-2026-23495MEDIUM4.3ten sam produkt

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Prior to 2.2.3 and 1.7.16, the API endpoint ...