0.001 Low
EPSS
Percentile
40.5%
This affects the package pimcore/pimcore before 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class.
github.com/pimcore/pimcore/pull/9572
nvd.nist.gov/vuln/detail/CVE-2021-23405
snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-1316297