Security Advisory

CVE-2023-32063

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-28 03:30:22

Last updated 2024-08-02 15:03:28

Assigner GitHub_M

State PUBLISHED

Description

OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1.1.

← Browse all CVEs View on cve.org ↗