UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
References
History
Thu, 21 Aug 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 21 Aug 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1. | |
| Title | UnoPim Stored XSS via SVG MIME/Sanitizer Bypass | |
| Weaknesses | CWE-79 | |
| References |
|
|
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2025-08-21T15:36:07.475Z
Updated: 2025-08-21T19:58:34.442Z
Reserved: 2025-08-14T22:31:17.684Z
Link: CVE-2025-55742
Vulnrichment
Updated: 2025-08-21T19:58:29.420Z
NVD
Status : Received
Published: 2025-08-21T16:15:34.280
Modified: 2025-08-21T16:15:34.280
Link: CVE-2025-55742
Redhat
No data.