Pimcore Unauthenticated Account Takeover via Password Reset URL Injection and 2FA Bypass
Security AdvisoryHighPimcore
Affected:
- Pimcore <= 2026.1
Fixed in:
- 2025.4.6
- 2026.1.6
Referenced CVEs: CVE-2026-55207 · 8.8
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.