This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.
Update to version 10.5.20 or apply this patch manually https://github.com/pimcore/pimcore/pull/14721.patch
Apply patch manually https://github.com/pimcore/pimcore/pull/14721.patch
https://huntr.dev/bounties/d8a47f29-3297-4fce-b534-e1d95a2b3e19