Pimcore Customer Data Framework version 3.0.0 and previous versions suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pimcore customer management framework |