CVE-2026-4320
Description
Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain unauthorized access to protected features by manipulating the HTTP redirect headers of the login process, causing the script to continue running and enabling privilege escalation without the need for credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Critical authorization bypass in Creartia ICMS allows unauthenticated privilege escalation by manipulating HTTP redirect headers during login.
Vulnerability
CVE-2026-4320 is an authorization bypass vulnerability in Creartia Internet Consulting's ICMS Gestión de Contenidos content management system. The flaw resides in the login process, where an attacker can manipulate HTTP redirect headers to cause the script to continue executing, bypassing authentication checks and enabling unauthorized access to protected features. All versions prior to the latest update are affected. [1]
Exploitation
An attacker with network access to the ICMS instance can craft a malicious HTTP request during the login flow, tampering with redirect headers. No prior authentication or user interaction is required; the CVSS vector indicates low attack complexity and no privileges needed. The attacker sends a specially crafted HTTP redirect that causes the server-side script to skip the authentication gate and proceed to execute privileged functionality. [1]
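The description's phrase "causing the script to continue running" matches a well-known bug class in server-side login gates: the handler emits a redirect to the login page for an anonymous request but never terminates, so the privileged code after the check still executes and a client that does not follow the redirect receives its output. The following is an added example, not code from ICMS or from Creartia, and it is an assumption that the ICMS flaw takes exactly this shape; the page only states that the script keeps running. It shows the vulnerable gate beside the fixed one, a test-suite check that flags a 3xx response carrying protected content, and a wrapper that strips the body whenever a Location header was set. All names (`admin_page_vulnerable`, `PROTECTED_BODY`, `LOGIN_URL`, the session dict) are constructed for the illustration.

```python
"""Redirect-without-exit login gate: vulnerable form, fixed form, and two
defensive checks. Added example; not code from ICMS or its vendor. That the
ICMS flaw is exactly this pattern is an assumption drawn from the phrase
"causing the script to continue running" in the CVE description."""
from typing import Callable, Dict, List, Tuple

Session = Dict[str, str]
Response = Tuple[str, List[Tuple[str, str]], str]   # status line, headers, body

# Constructed stand-in for a protected feature's output.
PROTECTED_BODY = "<h1>Admin panel</h1><form action='/delete-user'>...</form>"
LOGIN_URL = "/login"


def is_logged_in(session: Session) -> bool:
    """Hypothetical session check: a user is logged in if the session names one."""
    return "user" in session


def admin_page_vulnerable(session: Session) -> Response:
    """Emits a redirect for anonymous users but keeps executing, the way a
    PHP script does after header('Location: ...') without exit().
    A client that simply ignores the 302 receives the protected body."""
    status, headers, body = "200 OK", [], ""
    if not is_logged_in(session):
        status = "302 Found"
        headers.append(("Location", LOGIN_URL))
        # BUG: no return here; the privileged code below still runs.
    body += PROTECTED_BODY          # privileged functionality
    return status, headers, body


def admin_page_fixed(session: Session) -> Response:
    """Same gate, but the redirect terminates the request (the early return
    plays the role of exit() after header())."""
    if not is_logged_in(session):
        return "302 Found", [("Location", LOGIN_URL)], ""
    return "200 OK", [], PROTECTED_BODY


def leaks_protected_content(resp: Response, marker: str = "Admin panel") -> bool:
    """Regression check for a test suite: a 3xx response to an anonymous
    request must not carry protected markup in its body."""
    status, _headers, body = resp
    return status.startswith("3") and marker in body


def redirect_terminates(handler: Callable[[Session], Response]) -> Callable[[Session], Response]:
    """Belt-and-braces wrapper: if the handler set a Location header, discard
    the body so a forgotten exit() cannot leak output."""
    def wrapped(session: Session) -> Response:
        status, headers, body = handler(session)
        if any(name.lower() == "location" for name, _ in headers):
            body = ""
        return status, headers, body
    return wrapped


if __name__ == "__main__":
    anon: Session = {}
    print("vulnerable leaks:", leaks_protected_content(admin_page_vulnerable(anon)))
    print("fixed leaks:", leaks_protected_content(admin_page_fixed(anon)))
    guarded = redirect_terminates(admin_page_vulnerable)
    print("wrapped leaks:", leaks_protected_content(guarded(anon)))
```

The wrapper only removes output; any side effect the privileged code performs after the missed exit still happens, so it is a safety net for detection and containment, not a substitute for the early return in every gate. The `leaks_protected_content` check is the kind of assertion worth adding to a CMS test suite for every protected route: call the route with an empty session and require both a redirect status and an empty body.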
Impact
Successful exploitation allows an attacker to gain unauthorized access to protected features and escalate privileges without valid credentials. This results in high confidentiality and high integrity impact, as the attacker can view sensitive data and modify content or settings managed by the CMS. The availability of the system is not affected. [1]
Mitigation
The vendor Creartia Internet Consulting S.L. has released a fix for this vulnerability. Users are recommended to update ICMS Gestión de Contenidos to the latest version. As of the advisory publication date (2026-05-18), no other workarounds have been disclosed. The CVE is not listed in CISA's Known Exploited Vulnerabilities catalog. [1]
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 1
News mentions: 0
No linked articles in our index yet.