Unrated severityNVD Advisory· Published Dec 3, 2020· Updated Aug 4, 2024
Authorization bypass in Pimcore
CVE-2020-26246
Description
Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/pimcore/pimcore/pull/7618mitrex_refsource_MISC
- github.com/pimcore/pimcore/security/advisories/GHSA-7p8p-4253-3mg6mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.