[MEDIUM] Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause

PKSA-8x4n-f9v2-4s1d CVE-2026-27461 GHSA-vxg3-v4p6-f3fp

Affected package: pimcore/pimcore

Affected version: >=12.0.0,<12.3.3|<=11.5.14.1

Reported by:
GitHub