easyadmin-extension-bundle action case insensitivity
High severity
GitHub Reviewed
Published
May 15, 2024
to the GitHub Advisory Database
•
Updated May 15, 2024
Package
Affected versions
>= 1.3.0, < 1.3.1
>= 1.2.0, < 1.2.11
Patched versions
1.3.1
1.2.11
Description
Published to the GitHub Advisory Database
May 15, 2024
Reviewed
May 15, 2024
Last updated
May 15, 2024
In alterphp/easyadmin-extension-bundle, role based access rules do not handle action name case sensitivity which may lead to unauthorized access.
References