We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Business Logic Errors in the Conditions tab since the counter can be a negative number.
This vulnerability is capable of the unlogic in the counter value in the Conditions tab.
Update to version 3.3.9 or apply this patch manually https://github.com/pimcore/customer-data-framework/commit/e3f333391582d9309115e6b94e875367d0ea7163.patch
Apply https://github.com/pimcore/customer-data-framework/commit/e3f333391582d9309115e6b94e875367d0ea7163.patch manually.
https://huntr.dev/bounties/cecd7800-a996-4f3a-8689-e1c2a1e0248a/
khanhchauminh Reporter
Impact
Business Logic Errors in the Conditions tab since the counter can be a negative number.
This vulnerability is capable of the unlogic in the counter value in the Conditions tab.
Patches
Update to version 3.3.9 or apply this patch manually https://github.com/pimcore/customer-data-framework/commit/e3f333391582d9309115e6b94e875367d0ea7163.patch
Workarounds
Apply https://github.com/pimcore/customer-data-framework/commit/e3f333391582d9309115e6b94e875367d0ea7163.patch manually.
References
https://huntr.dev/bounties/cecd7800-a996-4f3a-8689-e1c2a1e0248a/