CVE-2024-25625 | Pimcore admin-ui-classic-bundle up to 1.3.3 HTTP Header invitationLinkAction Host injection

CVE-2024-25625 | Pimcore admin-ui-classic-bundle up to 1.3.3 HTTP Header invitationLinkAction Host injection

A vulnerability classified as problematic was found in Pimcore admin-ui-classic-bundle up to 1.3.3. Affected by this vulnerability is the function invitationLinkAction of the component HTTP Header Handler. The manipulation of the argument Host leads to injection. This vulnerability is known as CVE-2024-25625. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.