CVE-2026-23496

Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an authenticated backend user without explicitely lacking permissions for this feature was still able to successfully invoke the endpoint and modify or retrieve these configurations. This vulnerability is fixed in 5.2.2 and 6.1.1.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/pimcore/pimcore/security/advisories/GHSA-4wg4-p27p-5q2r	Exploit Vendor Advisory
https://github.com/pimcore/web2print-tools/commit/7714452a04b9f9b077752784af4b8d0b05e464a1	Patch
https://github.com/pimcore/web2print-tools/pull/108	Exploit Issue Tracking
https://github.com/pimcore/web2print-tools/releases/tag/v5.2.2	Release Notes
https://github.com/pimcore/web2print-tools/releases/tag/v6.1.1	Release Notes
https://github.com/pimcore/pimcore/security/advisories/GHSA-4wg4-p27p-5q2r	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:pimcore:web2print_tools::::::pimcore::*
	cpe:2.3:a:pimcore:web2print_tools::::::pimcore::*

History

No history.

Information

Published : 2026-01-15 17:16

Updated : 2026-01-30 19:49

NVD link : CVE-2026-23496

Mitre link : CVE-2026-23496

CVE.ORG link : CVE-2026-23496

JSON object : View

Products Affected

pimcore

web2print_tools

CWE

CWE-284

Improper Access Control

CWE-863

Incorrect Authorization

{"id": "CVE-2026-23496", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2026-01-15T17:16:08.747", "references": [{"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-4wg4-p27p-5q2r", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/web2print-tools/commit/7714452a04b9f9b077752784af4b8d0b05e464a1", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/web2print-tools/pull/108", "tags": ["Exploit", "Issue Tracking"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/web2print-tools/releases/tag/v5.2.2", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/web2print-tools/releases/tag/v6.1.1", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-4wg4-p27p-5q2r", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-284"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing \"Favourite Output Channel Configurations.\" Testing revealed that an authenticated backend user without explicitely lacking permissions for this feature was still able to successfully invoke the endpoint and modify or retrieve these configurations. This vulnerability is fixed in 5.2.2 and 6.1.1."}], "lastModified": "2026-01-30T19:49:56.363", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pimcore:web2print_tools:*:*:*:*:*:pimcore:*:*", "vulnerable": true, "matchCriteriaId": "34D6DA7C-7CAF-4A15-BFA8-53753D4F7432", "versionEndExcluding": "5.2.2"}, {"criteria": "cpe:2.3:a:pimcore:web2print_tools:*:*:*:*:*:pimcore:*:*", "vulnerable": true, "matchCriteriaId": "0E66DF65-5F40-48E0-A6FD-8D7B793ECC3B", "versionEndExcluding": "6.1.1", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}