Packagist (Composer) package
oro/crm-call-bundle
pkg:composer/oro/crm-call-bundle
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-32063 | — | >= 4.2.0, <= 4.2.5 | — | Nov 28, 2023 | OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1. |
- CVE-2023-32063Nov 28, 2023affected >= 4.2.0, <= 4.2.5
OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1.