[pimcore/pimcore] Cross-site Scripting in Pimcore

Pimcore 10.3.3 and prior is vulnerable to stored cross-site scripting. A patch is available on the 10.x branch and will likely be part of version 10.4.0.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-0704
• https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9
• https://huntr.dev/bounties/4142a8b4-b439-4328-aaa3-52f6fedfd0a6
• https://github.com/pimcore/pimcore/pull/11447
• https://github.com/advisories/GHSA-pc32-x737-74cv