2 matches found
CVE-2026-40702
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...
Authorization Bypass
pimcore/customer-management-framework-bundle is vulnerable to Authorization Bypasses. The application uses improper authorization checks, allowing a malicious user to bypass the authorization mechanisms while trying to access a resource or perform actions...