CVE-2021-26598: Incorrect Access Control in ImpressCMS
CVSS Score: 5.3 (CVSS 3.1)
Basic Information
CVE ID: CVE-2021-26598
GHSA ID:
EPSS Score: 0.98431%
CWE:
Published: 3/29/2022
Updated: 1/27/2023
KEV Status: No
Technology: PHP
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
impresscms/impresscms | composer | < 1.4.3 | 1.4.3 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from the access control flow in findusers.php, which first checks for a valid security token (lines 20-23) and only afterwards checks whether the caller is an administrator. Because a token can be obtained without authenticating (e.g., via misc.php), an unauthenticated attacker can satisfy the first check and bypass the intended access controls. The GitHub advisory and external analysis confirm that this file's logic was patched in 1.4.3 by adding proper authentication checks alongside the token validation.
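One way to picture the ordering described above, beside the hardened form the fix implies, as an added illustration that is not ImpressCMS's own code (all function names and the session/request array layout are hypothetical):

```php
<?php
// Added illustration, not ImpressCMS code: the access-control ordering the
// root cause analysis describes, beside the hardened form. All names here
// (check_token, current_user, the $session/$request arrays) are hypothetical.

function check_token(array $session, array $request): bool {
    // Constant-time comparison of the submitted token with the session copy
    return isset($session['token'], $request['token'])
        && hash_equals($session['token'], $request['token']);
}

function current_user(array $session): ?array {
    return $session['user'] ?? null;   // null when nobody is logged in
}

// Vulnerable ordering: the token is the first and effectively only gate.
// Because a token can be issued to an anonymous visitor, a valid token
// says nothing about who is calling, yet the sensitive code runs after it.
function vulnerable_gate(array $session, array $request): bool {
    if (!check_token($session, $request)) {
        return false;
    }
    return true;   // admin status is never required before this point
}

// Hardened ordering: authenticate and authorise first, then require the
// token as CSRF protection. Both conditions must hold.
function hardened_gate(array $session, array $request): bool {
    $user = current_user($session);
    if ($user === null || empty($user['is_admin'])) {
        return false;   // anonymous or non-admin callers are rejected
    }
    return check_token($session, $request);
}

// Constructed sessions: an anonymous visitor holding a freshly issued token,
// and an administrator holding one.
$anon  = ['token' => 'tok-anon'];
$admin = ['token' => 'tok-admin', 'user' => ['name' => 'admin', 'is_admin' => true]];

// Anonymous caller with a valid token: only the hardened gate asks who is calling.
var_dump(vulnerable_gate($anon, ['token' => 'tok-anon']));
var_dump(hardened_gate($anon, ['token' => 'tok-anon']));
// Administrator with a valid token, then with a wrong one.
var_dump(hardened_gate($admin, ['token' => 'tok-admin']));
var_dump(hardened_gate($admin, ['token' => 'wrong']));
```

Detection-wise, the same reasoning applies when reviewing other handlers: a token check that precedes the role check is a CSRF guard, not an authentication guard, and should never be the only gate in front of administrative functionality.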