CVE Reports

Originally published at cvereports.com

CVE-2026-32300: Insecure Direct Object Reference in Connect-CMS Profile Update

Vulnerability ID: CVE-2026-32300
CVSS Score: 8.1
Published: 2026-03-23

Connect-CMS suffers from an Insecure Direct Object Reference (IDOR) vulnerability in its My Page profile update functionality. The application relies on client-provided user identifiers to determine which profile record to modify, without verifying whether the authenticated session holds the requisite permissions. This oversight permits any authenticated user to arbitrarily alter the profile data of other users, creating a direct path to full account takeover.

TL;DR

Authenticated attackers can modify arbitrary user profiles and hijack accounts via an IDOR vulnerability in the Connect-CMS profile update endpoint.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-639 / CWE-285
  • Attack Vector: Network
  • CVSS v3.1 Score: 8.1 (High)
  • Impact: High Integrity, High Confidentiality
  • Privileges Required: Low
  • Exploit Status: Proof of Concept Available
  • KEV Status: Not Listed

Affected Systems

  • Connect-CMS 1.x: up to and including 1.41.0 (fixed in 1.41.1)
  • Connect-CMS 2.x: up to and including 2.41.0 (fixed in 2.41.1)

Code Analysis

Commit: 7c99517

Fix: Address profile update IDOR vulnerability by enforcing session-bound user ID

Mitigation Strategies

  • Upgrade Connect-CMS to version 1.41.1 or 2.41.1.
  • Implement rigorous server-side authorization checks on all direct object references.
  • Adopt session-bound user identification for state-modifying profile endpoints rather than trusting client-provided parameters.
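
The session-bound pattern from the list above, shown beside the flawed one. This is an added example, not Connect-CMS code: a simplified in-memory model in Python in which every name (`Session`, `Forbidden`, `update_profile_vulnerable`, `update_profile_session_bound`) and the sample user records are assumptions made for illustration.

```python
# Added illustration: simplified in-memory model, not Connect-CMS code.
# Every name here is hypothetical; the user records are constructed samples.
from dataclasses import dataclass

ALLOWED_FIELDS = {"name", "email"}  # fields a profile form may change


class Forbidden(Exception):
    """The request names a profile the session does not own."""


@dataclass
class Session:
    user_id: int  # set by the server at login, never taken from the request


def make_users():
    return {
        1: {"name": "alice", "email": "alice@example.test"},
        2: {"name": "bob", "email": "bob@example.test"},
    }


def _apply(record, form):
    record.update({k: v for k, v in form.items() if k in ALLOWED_FIELDS})


def update_profile_vulnerable(users, session, form):
    # Flawed pattern: the record is selected by a client-supplied identifier.
    # The session only proves that someone is logged in, not who may edit what.
    target = int(form["user_id"])
    _apply(users[target], form)
    return target


def update_profile_session_bound(users, session, form):
    # Hardened pattern: the record is always the session's own.
    # A supplied id that disagrees is rejected so the attempt can be logged.
    supplied = form.get("user_id")
    if supplied is not None and str(supplied) != str(session.user_id):
        raise Forbidden(f"session user {session.user_id} sent user_id={supplied!r}")
    _apply(users[session.user_id], form)
    return session.user_id
```

Rejecting a mismatched identifier, rather than silently ignoring it, gives the application a clear event to log and alert on.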

Remediation Steps:

  1. Verify the current running version of Connect-CMS.
  2. Schedule a maintenance window for the application upgrade.
  3. Create a full backup of the Connect-CMS database and application files.
  4. Download the appropriate release package (1.41.1 or 2.41.1) from the official GitHub repository.
  5. Deploy the updated application files and verify the integrity of the installation.
  6. Perform a functional test of the My Page profile update feature to ensure expected behavior.
