pimcore/customer-management-framework-bundle Security Advisories for v3.4.0 (5)
-
[MEDIUM] pimcore/customer-data-framework vulnerable to SQL Injection
PKSA-4dyx-b6fg-4z7f CVE-2024-11956 GHSA-q53r-9hh9-w277
Affected version: <4.2.1
Reported by:
GitHub -
[MEDIUM] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts
PKSA-hcgt-shnk-cwhj CVE-2024-21667 GHSA-g273-wppx-82w4
Affected version: <4.0.6
Reported by:
GitHub -
[MEDIUM] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list
PKSA-9ynt-yfbh-nk8t CVE-2024-21666 GHSA-c38c-c8mh-vq68
Affected version: <4.0.6
Reported by:
GitHub -
[MEDIUM] pimcore/customer-management-framework-bundle Cross-site Scripting vulnerability in Segment name
PKSA-sbxw-6xg5-h2c7 CVE-2023-4145 GHSA-735f-w79p-282x
Affected version: <3.4.2
Reported by:
GitHub -
[MEDIUM] Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller
PKSA-5623-97j9-12dy CVE-2023-3574 GHSA-vx35-f379-4q49
Affected version: <3.4.1
Reported by:
GitHub