[HIGH] Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration

PKSA-kp19-xmdp-rvyj CVE-2026-44739 GHSA-3234-gxc3-pq6f

Affected package: pimcore/pimcore

Affected version: <=12.3.5

Reported by:
GitHub