Vulnerability Details : CVE-2021-31867
Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.
Vulnerability category: Sql Injection
Exploit prediction scoring system (EPSS) score for CVE-2021-31867
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less