Security Advisory

CVE-2021-31867

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-04 22:20:35

Last updated 2024-09-16 17:34:30

Assigner rapid7

State PUBLISHED

Description

Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.

← Browse all CVEs View on cve.org ↗