6.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2022-3255

GHSA ID

GHSA-wqr6-57qm-hhr5

EPSS Score

0.00059%

CWE

CWE-79

Published

9/22/2022

Updated

1/31/2023

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-3255

CVE-2022-3255: Pimcore vulnerable to cross site scripting

If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can perform any action within the application that the user can perform; view any information that the user is able to view; modify any information that the user is able to modify; and/or initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user. A patch for this issue is available at commit 1e916e7d668c9e47b217e20cc0ea4812f466201b and anticipated to be part of version 10.5.7.

(GitHub Advisory)

6.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2022-3255

GHSA ID

GHSA-wqr6-57qm-hhr5

EPSS Score

0.00059%

CWE

CWE-79

Published

9/22/2022

Updated

1/31/2023

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
pimcore/pimcore	composer	<= 10.5.6	10.5.7

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing output encoding in ExtJS grid column configurations handling user workspace paths. The patch adds Ext.util.Format.htmlEncode renderers to three files (asset.js, document.js, object.js), indicating these were the XSS injection points. Without proper encoding, user-controlled path values could contain malicious scripts that execute when rendered in the admin interface. The direct correlation between the vulnerability description about workspace path handling and the specific renderer additions in the commit confirms these column configurations as vulnerable surfaces.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

I* *n *tt**k*r **n *ontrol * s*ript t**t is *x**ut** in t** vi*tim's *rows*r, t**n t**y **n typi**lly *ully *ompromis* t**t us*r. *mon*st ot**r t*in*s, t** *tt**k*r **n p*r*orm *ny **tion wit*in t** *ppli**tion t**t t** us*r **n p*r*orm; vi*w *ny in*

Reasoning

T** vuln*r**ility st*ms *rom missin* output *n*o*in* in *xtJS *ri* *olumn *on*i*ur*tions **n*lin* us*r worksp*** p*t*s. T** p*t** ***s `*xt.util.*orm*t.*tml*n*o**` r*n**r*rs to t*r** *il*s (`*ss*t.js`, `*o*um*nt.js`, `o*j**t.js`), in*i**tin* t**s* w*

6.8

Basic Information

Concerned about an active attack path?

CVE-2022-3255: Pimcore vulnerable to cross site scripting

6.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI