CVE-2019-18981
on github
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
7.5 HIGH
Description
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
References
Configurations
| CPE23 | Version Start | Version End | Exact Version |
|---|---|---|---|
| cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:* | n/a | 6.2.2 | * |