CVE-2022-48367
Access control issue in ezsystems/ezpublish-kernel in packagist/ezsystems/ezpublish-kernel
Identifiers
CVE-2022-48367, GHSA-5x4f-7xgq-r42x, GHSA-h5v2-wrhp-5v35
Package Slug
packagist/ezsystems/ezpublish-kernel
Vulnerability
Access control issue in ezsystems/ezpublish-kernel
Description
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
Affected Versions
All versions starting from 7.5.0 before 7.5.28
Solution
Upgrade to version 7.5.28 or above.
Last Modified
2023-03-16
| source |