AIKIDO-2024-10343
craftcms/cms is vulnerable to Improper Privilege Management
94
Critical
craftcms/cms php
AIKIDO-2024-10343: craftcms/cms is vulnerable to Improper Privilege Management in versions 4.0.0 - 4.12.6 and 5.0.0 - 5.4.7.1.
Improper Privilege Management
Vuln in 4.0.0 - 4.12.6
Fixed in 4.12.7
Vuln in 5.0.0 - 5.4.7.1
Fixed in 5.4.8
No CVE available
TL;DR
Affected versions of the package are vulnerable to privilege escalation.
Who does this affect?
You're affected if you are using a version which is within vulnerability ranges.
How can it be fixed?
Upgrade craftcms/cms library to patch version.
Background info
Don’t be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US