OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.4 and 5.1.1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-11-28T03:30:22.578Z
Updated: 2024-08-02T15:03:28.874Z
Reserved: 2023-05-01T16:47:35.314Z
Link: CVE-2023-32063
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-28T04:15:07.143
Modified: 2023-12-01T21:46:28.420
Link: CVE-2023-32063
Redhat
No data.