Pimcore Customer_management_framework
9 CVEs affecting Pimcore Customer_management_framework. Latest disclosed: 2024-01-11. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2629 | High | 7.8 | 2023-05-10 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9. |
CVE-2023-2756 | High | 7.2 | 2023-05-17 | SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10. |
CVE-2024-21667 | Medium | 6.5 | 2024-01-11 | pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. An authenticated and unauthorized user can… |
CVE-2024-21666 | Medium | 6.5 | 2024-01-11 | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation. An… |
CVE-2023-3574 | Medium | 6.5 | 2023-07-10 | Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1. |
CVE-2021-31867 | Medium | 6.5 | 2021-08-04 | Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentC… |
CVE-2023-4145 | Medium | 5.4 | 2023-08-03 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. |
CVE-2023-2881 | Medium | 4.9 | 2023-05-25 | Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10. |
CVE-2023-32075 | Medium | 4.3 | 2023-05-11 | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to… |