Описание
Connect-CMS Access control vulnerability
Impact(影響)
There is an Access control vulnerability on the management system of Connect-CMS. Affected Version : Connect-CMS v1.8.6, 2.4.6 and earlier
Patches(修正バージョン)
version v1.8.7, v2.4.7
Workarounds(運用回避手段)
Upgrade Connect-CMS to latest version
Пакеты
Наименование
opensource-workshop/connect-cms
composer
Затронутые версииВерсия исправления
< 1.8.7
1.8.7
Наименование
opensource-workshop/connect-cms
composer
Затронутые версииВерсия исправления
>= 2.0.0, < 2.4.7
2.4.7
4.3 Medium
CVSS3
Дефекты
CWE-284
4.3 Medium
CVSS3
Дефекты
CWE-284