[HIGH] Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling

PKSA-y4yc-6g1b-qfqz CVE-2026-45260 GHSA-wc7j-g8wx-m2qx

Affected package: pimcore/pimcore

Affected version: <=12.3.6

Reported by:
GitHub