{"id":"CVE-2026-45703","summary":"Pimcore: WordExport Authorization Bypass for Unauthorized Document Export","details":"Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.7, the WordExport export flow in bundles/WordExportBundle/src/Controller/TranslationController.php only checks the word_export feature permission and directly resolves attacker-controlled type/id input without enforcing view permission on page, snippet, email, or object elements, allowing a low-privileged backend user to export document content the user is not allowed to view. This issue is fixed in versions 11.5.17 (LTS) and 12.3.7.","aliases":["GHSA-332x-r494-54fq"],"modified":"2026-07-19T03:47:00.869530971Z","published":"2026-07-17T18:52:44.530Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45703.json","unresolved_ranges":[{"source":"AFFECTED_FIELD","extracted_events":[{"fixed":"11.5.17"}]}],"cna_assigner":"GitHub_M","cwe_ids":["CWE-862"]},"references":[{"type":"WEB","url":"https://github.com/pimcore/pimcore/releases/tag/v12.3.7"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45703.json"},{"type":"ADVISORY","url":"https://github.com/pimcore/pimcore/security/advisories/GHSA-332x-r494-54fq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45703"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pimcore/pimcore","events":[{"introduced":"df14e025d3db615fc75b190e3c9f3cc1d68d7304"},{"fixed":"d8a4b30690369f5325879b9f969796d6a4f57fa3"}],"database_specific":{"extracted_events":[{"introduced":"12.0.0"},{"fixed":"12.3.7"}],"source":["AFFECTED_FIELD","REFERENCES"]}}],"versions":["v12.3.5","v12.3.4","v12.3.3","v12.3.2","v12.3.1.1","v12.3.1","v12.3.0","v12.2.1","v12.2.0","v12.1.0","v12.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45703.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L"}]}