[MEDIUM] Kirby: Access to files of top-level drafts is not protected by permissions

PKSA-6sq2-11dh-hkdq CVE-2026-54004 GHSA-89cp-7p28-jffg

Affected package: getkirby/cms

Affected version: >=5.0.0-alpha.1,<=5.4.3|<=4.9.3

Reported by:
GitHub