CVE-2026-32266 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Google Cloud Storage for Craft CMS plugin provides a Google Cloud Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.2.1, the `Defa…
Low CVSS: 2.4

CVE-2026-32266

The Google Cloud Storage for Craft CMS plugin provides a Google Cloud Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.2.1, the `DefaultController->actionLoadBucketData()` endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Users should update to version 2.2.1 of the plugin to mitigate the issue.
Vendor
-
Product
-
CWE
CWE-200
Yayın Tarihi
2026-03-18 04:17:27
Güncelleme
2026-03-18 14:52:44
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-200 LOW 2026

Referanslar

https://github.com/craftcms/google-cloud/commit/651bacaa5f5fd7813e4075e0747b1d706391fb2c https://github.com/craftcms/google-cloud/security/advisories/GHSA-67cr-jmh8-4jpq