19Şub
CVE-2024-25625 | Pimcore admin-ui-classic-bundle up to 1.3.3 HTTP Header invitationLinkAction Host injection
A vulnerability classified as problematic was found in Pimcore admin-ui-classic-bundle up to 1.3.3. Affected by this vulnerability is the functioninvitationLinkAction
of the component HTTP Header Handler. The manipulation of the argument Host leads to injection.
This vulnerability is known as CVE-2024-25625. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.