3 matches found
CVE-2026-45703
Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 LTS and 12.3.7, the WordExport export flow in bundles/WordExportBundle/src/Controller/TranslationController.php only checks the wordexport feature permission and directly resolves attacker-controlled type/id input...
CVE-2026-45703
Pimcore's WordExport flow (TranslationController.php) before versions 11.5.17 (LTS) and 12.3.7 only validates the word_export feature permission and does not enforce view permissions on the target element. Attackers authenticated as backend users with word_export can bypass element-level access c...
GHSA-332X-R494-54FQ Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export
Summary The WordExport export flow only checks whether the current backend user has the feature permission wordexport. It does not verify access rights on the target element itself. As a result, a low-privileged backend user can export document content even when the user does not have view...