CVE-2023-2984

Description

Pimcore vulnerable to Pre-Auth Path Traversal in pimcore_log parameter

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/pimcore/pimcore/security/advisories/GHSA-46g3-f9r8-xj4v
• https://nvd.nist.gov/vuln/detail/CVE-2023-2984
• https://github.com/pimcore/pimcore/commit/e8dbc4da58ae86618bceb67ed35ce23e5e54d2ed
• https://github.com/pimcore/pimcore
• https://huntr.dev/bounties/5df8b951-e2f1-4548-a7e3-601186e1b191