CVE-2024-32643

High CVSS: 7.5

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, if the URL to the page is modified to include a /tag/ declaration, the CMS will render the page regardless of group restrictions. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6.

Vendor

Masacms

Product

Masacms

CWE

CWE-863

Yayın Tarihi

2025-12-03 17:15:48

Güncelleme

2025-12-05 15:37:39

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-863 Masacms HIGH Masacms 2025

Referanslar

https://github.com/MasaCMS/MasaCMS/commit/d1a2e57ef8dbc50c87b178eacc85fcccb05f5b6c https://github.com/MasaCMS/MasaCMS/security/advisories/GHSA-f469-jh82-97fv

Benzer Kayıtlar

High

CVE-2025-66492

Masa CMS is an open source Enterprise Content Management platform. Versions 7.2.8 and below, 7.3.1 through 7.3.13, 7.4.0…

Critical

CVE-2024-32641

Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6 a…

High

CVE-2024-32642

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, there is vulnerabl…