8 matches found
Missing Authorization
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization via the migrate endpoint /actions/app/migrate. An attacker can perform unauthorized migration operations by sending crafted requests to this endpoint. Remediation There ...
CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
CVE-2026-31266
CVE-2026-31266 affects Craft CMS 5.9.5 and earlier. Affected component: migrate endpoint at /actions/app/migrate. Root cause: missing authorization check in migrate action leading to Missing Authorization vulnerability. Impact (per sources): unauthorized actions on migrate could lead to changes w...
Craft CMS 安全漏洞
Craft CMS is an open-source content management system CMS developed by Craft CMS. Versions of Craft CMS 5.9.5 and earlier contained security vulnerabilities, which were caused by a lack of authorization verification at the migrate endpoint...
CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
PT-2026-43997
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...