Customer-data-framework
This hub aggregates every CVE we track for Customer-data-framework, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM6
Monthly trend
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Customer-data-framework.
- CVE-2024-11956Pimcore customer-data-framework list sql injection4.7
- CVE-2024-21667Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts6.5
- CVE-2024-21666Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list6.5
- CVE-2023-49076Pimcore missing token/header to prevent CSRF4.3
- CVE-2023-2881Storing Passwords in a Recoverable Format in pimcore/customer-data-framework4.9
- CVE-2023-32075Pimcore vulnerable to Business Logic Errors in Customer automation rules4.3
Product normalization is registry-driven with AI assist and human review. How it works