Tag
A low-privileged authenticated user can exploit CVE-2026-50279, an authorization bypass vulnerability in Craft CMS's `entries/save-entry` endpoint, to reassign an entry's authorship to another user without proper permissions, leading to corrupted audit trails and misleading content ownership.