PT-2026-34817 · Kirby · Kirby
Offset
Published 2026-04-23 · Updated 2026-04-28
CVE-2026-40099
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Kirby versions prior to 4.9.0
Kirby versions prior to 5.4.0
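The two affected ranges above are per release line, and a naive "version < 5.4.0" test would wrongly flag the fixed 4.9.x releases as vulnerable. The following helper, added here as an example (not Kirby project code), encodes the ranges exactly as the advisory states them; the function names are assumptions, and release lines the page does not mention (3.x and earlier) are reported as unknown rather than guessed.

```python
"""Affected-version check for the Kirby isDraft authorization bypass.

Added example for this advisory, not Kirby project code. It encodes the two
fixed release lines named on the page: 4.x is fixed in 4.9.0 and 5.x is fixed
in 5.4.0. The comparison is done per major line so that 4.9.0 (fixed) is not
mistaken for a version "prior to 5.4.0".
"""
import re
from typing import Optional, Tuple

# First fixed release per major line, taken from the advisory.
FIXED_BY_MAJOR = {4: (4, 9, 0), 5: (5, 4, 0)}

# Plain MAJOR.MINOR[.PATCH] with an optional leading "v"; pre-release or
# build suffixes are rejected so they cannot be silently mis-compared.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse a version string into a (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_affected(version: str) -> Optional[bool]:
    """True if vulnerable, False if fixed, None if the major line is not
    covered by this advisory (assumption: no extrapolation to other lines)."""
    v = parse_version(version)
    fixed = FIXED_BY_MAJOR.get(v[0])
    if fixed is None:
        return None
    return v < fixed


if __name__ == "__main__":
    for v in ["4.8.3", "4.9.0", "5.3.1", "5.4.0", "3.9.8"]:
        print(f"{v:>8}: {is_affected(v)}")
```

Tuple comparison handles the ordering, so 5.0.0 through 5.3.x are reported as affected while 4.9.0 and later on the 4.x line are not.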
Description
An authorization bypass allows authenticated users to perform actions beyond their configured permissions, which amounts to privilege escalation within the editorial workflow. In the REST API, the isDraft flag can be overridden when a new page is created. An authenticated attacker who holds the pages.create permission but lacks the pages.changeStatus permission can therefore create pages that are published immediately. This bypasses the standard editorial workflow, in which new pages are created as drafts and require a separate, separately authorized status change before they are published. The CVSS vector reflects this: the flaw is reachable over the network with low complexity, requires only a low-privileged account and no user interaction, and its impact is on integrity (unreviewed content goes live) rather than on confidentiality or availability.

Recommendations
Update Kirby to version 4.9.0 or later (4.x release line).
Update Kirby to version 5.4.0 or later (5.x release line).
Where the update cannot be applied immediately, review pages created while an affected version was in use by accounts that hold pages.create but not pages.changeStatus, since any of them may have been published without editorial review.
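The flaw described above is a classic incorrect-authorization pattern: the handler checks the permission for the action it thinks it is performing (creating a page) while a client-controlled field changes the action into one that needs a second permission (publishing). The model below is an added example, not Kirby's code: it is a minimal stand-in for the page-creation handler, and `create_page_vulnerable`, `create_page_fixed`, `change_status`, the `User` and `Page` classes and the "published" status label are assumptions made for illustration. The permission strings `pages.create` and `pages.changeStatus` are the ones the advisory names. The hardened form shown is one way to close the gap, not a description of Kirby's actual patch.

```python
"""Model of the Kirby page-creation authorization bypass and a hardened form.

Added example, not Kirby code. The vulnerable handler trusts a client-supplied
isDraft flag after checking only pages.create; the hardened handler treats a
request for a non-draft page as a status change and demands pages.changeStatus
for it, failing closed so the attempt shows up as an API error.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet


class Forbidden(Exception):
    """Stand-in for an HTTP 403 from the API (assumption for the model)."""


@dataclass(frozen=True)
class User:
    name: str
    permissions: FrozenSet[str]

    def can(self, permission: str) -> bool:
        return permission in self.permissions


@dataclass
class Page:
    slug: str
    status: str  # "draft" or "published" in this model
    created_by: str


def require(user: User, permission: str) -> None:
    if not user.can(permission):
        raise Forbidden(f"{user.name} lacks {permission}")


def create_page_vulnerable(user: User, payload: Dict) -> Page:
    """Pre-fix behaviour as the advisory describes it: only pages.create is
    checked, and the client's isDraft flag is honoured, so isDraft=False
    yields a published page without pages.changeStatus."""
    require(user, "pages.create")
    is_draft = bool(payload.get("isDraft", True))
    return Page(payload["slug"], "draft" if is_draft else "published", user.name)


def create_page_fixed(user: User, payload: Dict) -> Page:
    """Hardened form (an assumption, not Kirby's patch): a page is only ever
    created as something other than a draft if the caller also holds
    pages.changeStatus. An explicit isDraft=False from a caller without it
    is rejected rather than silently downgraded, so the attempt is visible."""
    require(user, "pages.create")
    wants_published = not bool(payload.get("isDraft", True))
    if wants_published:
        require(user, "pages.changeStatus")
    return Page(payload["slug"], "published" if wants_published else "draft", user.name)


def change_status(user: User, page: Page, status: str) -> Page:
    """The intended editorial path: publishing is a separate action with
    its own permission check."""
    require(user, "pages.changeStatus")
    page.status = status
    return page


if __name__ == "__main__":
    # Constructed sample: an account with pages.create only.
    contributor = User("contributor", frozenset({"pages.create"}))
    payload = {"slug": "breaking-news", "isDraft": False}
    print("vulnerable:", create_page_vulnerable(contributor, payload).status)
    try:
        create_page_fixed(contributor, payload)
    except Forbidden as err:
        print("fixed:", err)
```

The design point is that authorization must be decided on the effective action after all request fields are applied, not on the nominal endpoint; rejecting the request outright (rather than quietly forcing a draft) also gives defenders a log signal for accounts probing the gap.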
Fix
Kirby 4.9.0 and Kirby 5.4.0 (see Recommendations).
Weakness Enumeration
Incorrect Authorization (CWE-863)
Related Identifiers
CVE-2026-40099
Affected Products
Kirby