PKSA-zn8p-45f7-kgv1 Security Advisory
-
[HIGH] Craft CMS's mass assignment via id in newAttributes during bulk duplicate overwrites existing elements
PKSA-zn8p-45f7-kgv1 CVE-2026-50281 GHSA-x5m4-g2cq-52pq
Affected package: craftcms/cms
Affected version: >=5.7.0,<5.9.21
Reported by:
GitHub