CVE-2023-3574: Pimcore Customer Management Framework vulnerable to Improper Authorization in Rules Controller
(updated )
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.
References
- github.com/advisories/GHSA-vx35-f379-4q49
- github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45
- github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45.patch
- github.com/pimcore/customer-data-framework/security/advisories/GHSA-vx35-f379-4q49
- huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6
- huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6/
- nvd.nist.gov/vuln/detail/CVE-2023-3574
Detect and mitigate CVE-2023-3574 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →