silverstripeCMS Improper Authentication Vulnerability - CVE-2020-26136 - Vulnerability Database

silverstripeCMS Improper Authentication Vulnerability - CVE-2020-26136

Medium

Reference: CVE-2020-26136

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-26136

Title: silverstripeCMS Improper Authentication Vulnerability

Overview:

In SilverStripe through 4.6.0-rc1 GraphQL doesn39t honour MFA (multi-factor authentication) when using basic authentication.