CNNVD-202601-2585 Information
CNNVD ID
CNNVD-202601-2585
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
Web2Print Tools Bundle for Pimcore是Pimcore开源的一个扩展套件。 Web2Print Tools Bundle for Pimcore 5.2.2之前版本和6.1.1之前版本存在安全漏洞,该漏洞源于API端点缺少服务器端授权检查,可能导致收藏输出通道配置被修改或泄露。
Description (English)
Web2Print Tools Bundle for Pimcore is an extension package for Pimcore open source. There is a security loophole in previous versions of Web2Print Tools Bundle for Pimcore 5.2.2 and in previous versions of 6.1.1, which stems from the lack of server-end authorization checks at the API endpoint, which may lead to the modification or leakage of the collection output channel configuration.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pimcore
Published
2026-01-15
Last Modified
2026-02-24
References
https://github.com/pimcore/pimcore/security/advisories/GHSA-4wg4-p27p-5q2r https://github.com/pimcore/web2print-tools/commit/7714452a04b9f9b077752784af4b8d0b05e464a1 https://github.com/pimcore/web2print-tools/pull/108 https://github.com/pimcore/web2print-tools/releases/tag/v5.2.2 https://github.com/pimcore/web2print-tools/releases/tag/v6.1.1
Patch
https://github.com/pimcore/web2print-tools/releases/tag/v6.1.1
Share on: