8 matches found
GHSA-4WG4-P27P-5Q2R Pimcore Web2Print Tools Bundle "Favourite Output Channel Configuration" Missing Function Level Authorization
Summary The application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an authenticated backend user without explicitely lacking permissions for this feature was still able to...
CVE-2026-23496
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...
EUVD-2026-2726
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...
CVE-2026-23496 Pimcore Web2Print Tools Bundle "Favourite Output Channel Configuration" Missing Function Level Authorization
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...
CVE-2026-23496
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...
Qualcomm audio-kernel 缓冲区错误漏洞
Qualcomm audio-kernel is an audio management driver from Qualcomm, Inc. A buffer error vulnerability exists in Qualcomm audio-kernel that stems from a memory corruption when handling MFC channel configurations, which could lead to a denial of service...
Security Bulletin: GNOME libxml2 vulnerability affects IBM Safer Payments (CVE-2023-29469)
Summary Libxml2 is used by IBM Safer Payments as part of PMML models, external queries, and docx file templates for Outgoing Channel Configurations. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-29469 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service,...
Cross-site Scripting (XSS) - Stored in pimcore/web2print-tools
Description Stored XSS in the Description of the Favorite Output Channel Configurations. Steps to reproduce 1.Go to https://demo.pimcore.fun/admin/ and login. 2.In the left menu bar, click the Settings icon then choose Favorite Output Channel Configurations, the Favorite Output Channel...