[HIGH] Connect CMS: Improper Authorization in the My Page Profile Update Feature Allows Modification of Arbitrary User Information

PKSA-mqv7-zr7q-hc9j CVE-2026-32300 GHSA-qr6x-wvxr-8hm9

Affected package: opensource-workshop/connect-cms

Affected version: >=2.0.0,<=2.41.0|<=1.41.0

Reported by:
GitHub