Pimcore Customer-data-framework
5 CVEs affecting Pimcore Customer-data-framework. Latest disclosed: 2025-01-28. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-21667 | Medium | 6.5 | 2024-01-11 | pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. An authenticated and unauthorized user can… |
CVE-2024-21666 | Medium | 6.5 | 2024-01-11 | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation. An… |
CVE-2024-11956 | Medium | 4.7 | 2025-01-28 | A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0. Affected by this issue is some unknown functi… |
CVE-2023-49076 | Medium | 4.3 | 2023-11-30 | Customer-data-framework allows management of customer data within Pimcore. There are no tokens or headers to prevent CSRF attacks from occurring, therefore an… |
CVE-2023-32075 | Medium | 4.3 | 2023-05-11 | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to… |