4 matches found
CVE-2026-50280
Craft CMS contains an authorization bypass in the entries/move-to-section endpoint (EntriesController::actionMoveToSection). In versions 5.0.0-RC1 through below 5.9.21, destination section gate relies only on viewEntries:$section->uid instead of requiring saveEntries permission; source entry p...
CVE-2026-33162
Craft CMS vulnerability CVE-2026-33162 affects versions 5.3.0 through before 5.9.14. An authenticated control panel user with only accessCp can move entries across sections by POSTing to /actions/entries/move-to-section, even without saveEntries:{sectionUid} permission for source or destination. ...
GHSA-F582-6GF6-GX4G Craft CMS has an authorization bypass which allows any control panel user to move entries without permissions
Summary An authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either source or destination section. Details Root-cause analysis 1. actionMoveToSection...
Missing Authorization
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization in the actionMoveToSection process. An attacker can perform unauthorized content changes by sending crafted POST requests to the affected endpoint, allowing them to move...