4 matches found
CVE-2026-42174
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, user avatar creation, replacement and deletion are not gated by user update permissions. This issue has been patched in versions 4.9.0 and 5.4.0...
CVE-2026-42174 Kirby: User avatar creation, replacement and deletion are not gated by user update permissions
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, user avatar creation, replacement and deletion are not gated by user update permissions. This issue has been patched in versions 4.9.0 and 5.4.0...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the process for managing user avatars due to insufficient authorization checks. An attacker can gain unauthorized access to create, replace, or delete user avatars by leveraging file permissions without the...
IBM Planning Analytics Workspace Resource Management Error Vulnerability
IBM Planning Analytics is a suite of business planning analytics solutions from IBM USA. The solution supports automated execution of business planning, budgeting, and analysis processes.Planning Analytics Workspace is the Web management interface for IBM Planning Analytics. A security...