High severity7.2NVD Advisory· Published Mar 12, 2023· Updated Jun 17, 2026
CVE-2022-48365
CVE-2022-48365
Description
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ezsystems/ezpublish-kernelPackagist | >= 7.5.0, < 7.5.30 | 7.5.30 |
ezsystems/ezplatform-kernelPackagist | >= 1.3.0, < 1.3.26 | 1.3.26 |
Affected products
3- eZ Platform/Ibexa Kerneldescription
- ghsa-coords2 versions
>= 1.3.0, < 1.3.26+ 1 more
- (no CPE)range: >= 1.3.0, < 1.3.26
- (no CPE)range: >= 7.5.0, < 7.5.30
Patches
Vulnerability mechanics
References
6- github.com/ezsystems/ezpublish-kernel/commit/957e67a08af2b3265753f9763943e8225ed779abnvdPatchWEB
- developers.ibexa.co/security-advisories/ibexa-sa-2022-009-critical-vulnerabilities-in-graphql-role-assignment-ct-editing-and-drafts-tooltipsnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-qq2j-9pf8-g58cghsaADVISORY
- github.com/ezsystems/ezplatform-kernel/security/advisories/GHSA-8h83-chh2-fchpnvdVendor AdvisoryWEB
- github.com/ezsystems/ezpublish-kernel/security/advisories/GHSA-99r3-xmmq-7q7gnvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-48365ghsaADVISORY
News mentions
0No linked articles in our index yet.