2 matches found
CVE-2023-2756 SQL Injection in pimcore/customer-data-framework
SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10...
CVE-2023-2756
CVE-2023-2756 is a SQL injection vulnerability in Pimcore’s customer-data-framework prior to version 3.3.10. The issue affects the Pimcore product/component and is rooted in insecure handling of SQL queries within the segment/authorization logic, allowing an administrator-like user to execute arb...