Camaleon CMS

CVEs (1)

• CVE-2026-10715MedJun 12, 2026
  Camaleon CMS

  Camaleon CMS
  risk 0.33cvss —epss 0.00

  Camaleon CMS 2.9.2 contains an improper authorization vulnerability in the administrator draft autosave endpoint. A low-privileged authenticated user can send an arbitrary post_id to POST /admin/post_type/<POST_TYPE_ID>/drafts and overwrite the draft associated with another…