[MEDIUM] pimcore/customer-data-framework vulnerable to SQL Injection

PKSA-4dyx-b6fg-4z7f CVE-2024-11956 GHSA-q53r-9hh9-w277

Affected package: pimcore/customer-management-framework-bundle

Affected version: <4.2.1

Reported by:
GitHub