CVE-2021-31867
Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the
Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.
MEDIUM · CVSS 6.5
EPSS 0.00038
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0