GHSA-5rjc-jc28-cwgg
First published: Fri Feb 07 2025(Updated: )
### Impact(影響) There is an Access control vulnerability on the management system of Connect-CMS. Affected Version : Connect-CMS v1.8.6, 2.4.6 and earlier ### Patches(修正バージョン) version v1.8.7, v2.4.7 ### Workarounds(運用回避手段) Upgrade Connect-CMS to latest version
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/opensource-workshop/connect-cms | >=2.0.0<2.4.7 | 2.4.7 |
| composer/opensource-workshop/connect-cms | <1.8.7 | 1.8.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of GHSA-5rjc-jc28-cwgg?
GHSA-5rjc-jc28-cwgg is classified as an access control vulnerability affecting Connect-CMS.
How do I fix GHSA-5rjc-jc28-cwgg?
To fix GHSA-5rjc-jc28-cwgg, upgrade Connect-CMS to version 1.8.7 or 2.4.7 or later.
Which versions are affected by GHSA-5rjc-jc28-cwgg?
GHSA-5rjc-jc28-cwgg affects Connect-CMS versions 1.8.6, 2.4.6, and earlier.
What should I do if I cannot upgrade for GHSA-5rjc-jc28-cwgg?
If you cannot upgrade for GHSA-5rjc-jc28-cwgg, consider implementing temporary access controls until an upgrade can be performed.
Where can I find more information about GHSA-5rjc-jc28-cwgg?
More information about GHSA-5rjc-jc28-cwgg is available in the security advisories for Connect-CMS.
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-5rjc-jc28-cwgg
- agent/software-canonical-lookup
- agent/severity
- agent/source
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/description
- agent/type
- agent/event
- package-manager/composer