VYPR
Unrated severityNVD Advisory· Published Aug 4, 2021· Updated Sep 16, 2024

Pimcore Customer Data Framework 'SegmentAssignmentController.php' Blind SQL Injection

CVE-2021-31867

Description

Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Pimcore/Pimcorellm-fuzzy
    Range: <=3.0.0
  • Pimcore/Pimcore Customer Data Frameworkv5
    Range: 3.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.