Pimcore Customer_management_framework

9 CVEs affecting Pimcore Customer_management_framework. Latest disclosed: 2024-01-11. Critical: 0, High: 2.

Top CVEs affecting Pimcore Customer_management_framework
CVESeverityScorePublishedSummary
CVE-2023-2629High7.82023-05-10Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.
CVE-2023-2756High7.22023-05-17SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
CVE-2024-21667Medium6.52024-01-11pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. An authenticated and unauthorized user can…
CVE-2024-21666Medium6.52024-01-11The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation. An…
CVE-2023-3574Medium6.52023-07-10Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.
CVE-2021-31867Medium6.52021-08-04Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentC…
CVE-2023-4145Medium5.42023-08-03Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.
CVE-2023-2881Medium4.92023-05-25Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
CVE-2023-32075Medium4.32023-05-11The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to…