Vulnerability DatabaseWS-2023-0107
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0107
Published:May 15, 2026
Updated:May 15, 2026
A Stored XSS vulnerability was found in perspective name in pimcore/perspective-editor prior to 1.5.1.
Affected Packages
pimcore/perspective-editor (PHP):
Affected version(s) =dev-main <dev-optimized-perspective-creation
Fix Suggestion:
Update to version dev-optimized-perspective-creation
pimcore/perspective-editor (PHP):
Affected version(s) >=dev-fix_portlets <dev-issue#426
Fix Suggestion:
Update to version dev-issue#426
pimcore/perspective-editor (PHP):
Affected version(s) >=dev-106-tests-add-support-for-codeception-5 <dev-114-request-input-explicit
Fix Suggestion:
Update to version dev-114-request-input-explicit
pimcore/perspective-editor (PHP):
Affected version(s) >=dev-view-permission <dev-mcop1-patch-1
Fix Suggestion:
Update to version dev-mcop1-patch-1
pimcore/perspective-editor (PHP):
Affected version(s) =dev-security_new_authentication <dev-stale_config
Fix Suggestion:
Update to version dev-stale_config
pimcore/perspective-editor (PHP):
Affected version(s) =dev-codeception_tests <dev-config_deployment_improvements
Fix Suggestion:
Update to version dev-config_deployment_improvements
pimcore/perspective-editor (PHP):
Affected version(s) >=dev-doc-fixes <dev-docs-test
Fix Suggestion:
Update to version dev-docs-test
pimcore/perspective-editor (PHP):
Affected version(s) =dev-116-improvement-use-new-navigation-approach <dev-132-bug-removal-of-set-checkmarks-in-the-forbidden-dashboards-not-possible
Fix Suggestion:
Update to version dev-132-bug-removal-of-set-checkmarks-in-the-forbidden-dashboards-not-possible
pimcore/perspective-editor (PHP):
Affected version(s) >=v1.3.2 <v1.5.1
Fix Suggestion:
Update to version v1.5.1
pimcore/perspective-editor (PHP):
Affected version(s) >=dev-68-setup-unit-tests-and-implement-first-10-tests <dev-78-improvement-replace-plugins-with-event-listener
Fix Suggestion:
Update to version dev-78-improvement-replace-plugins-with-event-listener
pimcore/perspective-editor (PHP):
Affected version(s) >=v1.0 <v1.1.1
Fix Suggestion:
Update to version v1.1.1
pimcore/perspective-editor (PHP):
Affected version(s) =dev-add-bundle-admin-support-interface-to-bundle <dev-add-container-extension-bundle
Fix Suggestion:
Update to version dev-add-container-extension-bundle
Related Resources (1)
https://github.com/pimcore/perspective-editor/commit/16979055c684ff3321cf0945d11a1b0ee1e4b8d2
Do you need more information?
Contact Us
CVSS v4
Base Score:
2.4
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
HIGH
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW