Back to search
CVE-2025-27617
Published: Mar 11, 2025
Modified: Mar 12, 2025
PUBLISHED
Description
Pimcore is an open source data and experience management platform. Prior to version 11.5.4, authenticated users can craft a filter string used to cause a SQL injection. Version 11.5.4 fixes the issue.
| Vendor | Product | Versions |
|---|---|---|
pimcore | pimcore | affected < 11.5.4 |
Weaknesses (CWE)
References
https://github.com/pimcore/pimcore/security/advisories/GHSA-qjpx-5m2p-5pgh
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now