Product
high
advisory
Kirby CMS Missing Authorization Vulnerability
2 rules 2 TTPsA missing authorization vulnerability in Kirby CMS allows authenticated users to bypass intended access restrictions on pages and files, potentially leading to unauthorized information disclosure and content modification; patched in versions 4.9.0 and 5.4.0.
cms +3
authorization
web-application
2r
2t
high
advisory
Kirby CMS Missing Authorization Vulnerability
3 rules 1 TTPKirby CMS versions before 4.9.0 and between 5.0.0 and 5.3.3 contain a missing authorization vulnerability, allowing authenticated Panel users to access site model, user, and role information without proper permission checks, potentially leading to unauthorized information disclosure.
cms +1
authorization
privilege-escalation
web-application
3r
1t