CVE-2020-26246

pimcore/pimcore

on github

Published

December 3, 2020

Severity

CVSS v3:

6.5 MEDIUM

CVSS v2:

4 MEDIUM

Description

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.

References

https://github.com/pimcore/pimcore/security/advisories/GHSA-7p8p-4253-3mg6
https://github.com/pimcore/pimcore/pull/7618

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:pimcore:pimcore::::::::	n/a	6.8.5	*

External Links

NVD - CVE-2020-26246