cve/2023/CVE-2023-4145.md

CVE-2023-4145

Description

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.

POC

Reference

• https://huntr.dev/bounties/ce852777-2994-40b4-bb4e-c4d10023eeb0
• https://huntr.dev/bounties/ce852777-2994-40b4-bb4e-c4d10023eeb0

Github

• https://github.com/miguelc49/CVE-2023-4145-1
• https://github.com/miguelc49/CVE-2023-4145-2
• https://github.com/miguelc49/CVE-2023-4145-3
• https://github.com/nomi-sec/PoC-in-GitHub