Masa CMS Incorrect Authorization Vulnerability - CVE-2024-32643 - Vulnerability Database

Masa CMS Incorrect Authorization Vulnerability - CVE-2024-32643

High

Reference: CVE-2024-32643

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-32643

Title: Masa CMS Incorrect Authorization Vulnerability

Overview:

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8 7.3.13 and 7.4.6 if the URL to the page is modified to include a /tag/ declaration the CMS will render the page regardless of group restrictions. This vulnerability is fixed in 7.2.8 7.3.13 and 7.4.6.