CVE-2022-48367
Incorrect Authorization in packagist/ezsystems/ezplatform-kernel
Identifiers
CVE-2022-48367, GHSA-5x4f-7xgq-r42x
Package Slug
packagist/ezsystems/ezplatform-kernel
Vulnerability
Incorrect Authorization
Description
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
Affected Versions
All versions starting from 3.3.0 before 3.3.18, all versions starting from 4.0.0 before 4.0.5, all versions starting from 4.1.0 before 4.1.2
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-03-24
| source |