Security: pimcore/customer-data-framework
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Improper Access Control allows unprivileged user to access customers duplicates listGHSA-c38c-c8mh-vq68 published
Jan 10, 2024 byModerate -
Improper Access Control allows unprivileged user to access GDPR extractsGHSA-g273-wppx-82w4 published
Jan 10, 2024 byModerate -
CSRF Leading to create a new customerGHSA-xx63-4jr8-9ghc published
Nov 27, 2023 by dvesh3Moderate -
Cross-site Scripting (XSS) - Stored in Segment nameGHSA-735f-w79p-282x published
Aug 3, 2023 by dvesh3Moderate -
Improper Authorization in Rules ControllerGHSA-vx35-f379-4q49 published
Jul 10, 2023 by dvesh3Moderate -
SQL Injection in Segment Assignment queryGHSA-25fx-3c2q-cq46 published
May 17, 2023 by dvesh3Moderate -
Customers list - user password hash is disclosedGHSA-j65r-g7q2-f8v3 published
May 25, 2023 by dvesh3Moderate -
Business Logic Errors in Customer automation rulesGHSA-x99j-r8vv-gwwj published
May 11, 2023 by dvesh3Moderate -
Embeding untrusted input inside CSV files leads to Formula Injection/CSV InjectionGHSA-mq3x-qgwx-3rfw published
May 10, 2023 by dvesh3Moderate