CVE-2026-32300 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0,…
High CVSS: 8.1

CVE-2026-32300

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the My Page profile update feature may allow modification of arbitrary user information. Versions 1.41.1 and 2.41.1 contain a patch.
Vendor
Opensource-workshop
Product
Connect-cms
CWE
CWE-285
Yayın Tarihi
2026-03-23 22:16:27
Güncelleme
2026-03-24 20:40:41
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-285 Connect-cms HIGH Opensource-workshop 2026

Referanslar

https://github.com/opensource-workshop/connect-cms/commit/7c9951738c62a1d51b91e9956d1eb756c5d52cce https://github.com/opensource-workshop/connect-cms/releases/tag/v1.41.1 https://github.com/opensource-workshop/connect-cms/releases/tag/v2.41.1 https://github.com/opensource-workshop/connect-cms/security/advisories/GHSA-qr6x-wvxr-8hm9