Creartia ICMS Authorization Bypass Vulnerability Allowing Privilege Escalation
Vulnerability
An authorization bypass vulnerability has been identified in Creartia's ICMS content management software. This vulnerability could allow an attacker to gain unauthorized access to protected features by manipulating the HTTP redirect headers during the login process. As a result, the script may continue executing, enabling privilege escalation without requiring credentials.
Impact
Exploitation of this vulnerability could lead to unauthorized access and privilege escalation within the application.
Remediation
Creartia Internet Consulting has released a patch for this vulnerability. Users are advised to update to the latest version.
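The flaw class described under Vulnerability, a script that keeps executing after it has sent the login redirect, is modelled below as an added example; it is not Creartia's code, and ICMS internals are not shown on this page. The `Response` class, the handler names, the `/login` path and the sample content are hypothetical, and `leaks_after_redirect` is a regression check that can be adapted to confirm the patched behaviour.

```python
from dataclasses import dataclass, field

@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""

PROTECTED_HTML = "<h1>Admin settings</h1>"  # constructed sample content

def redirect_to_login(resp):
    resp.status = 302
    resp.headers["Location"] = "/login"  # hypothetical path

def admin_vulnerable(session, actions):
    resp = Response()
    if not session.get("user"):
        redirect_to_login(resp)
        # Defect: no return here, so the protected code below still runs.
    actions.append("settings_loaded")
    resp.body = PROTECTED_HTML
    return resp

def admin_fixed(session, actions):
    resp = Response()
    if not session.get("user"):
        redirect_to_login(resp)
        return resp  # stop: nothing protected runs for anonymous requests
    actions.append("settings_loaded")
    resp.body = PROTECTED_HTML
    return resp

def leaks_after_redirect(resp, actions):
    """True if a redirect response still carries a body or triggered protected actions."""
    is_redirect = 300 <= resp.status < 400
    return is_redirect and (bool(resp.body.strip()) or bool(actions))

def check(handler, session):
    """Run a handler with a fresh action log and report whether it leaks."""
    actions = []
    resp = handler(session, actions)
    return resp, leaks_after_redirect(resp, actions)

if __name__ == "__main__":
    for handler in (admin_vulnerable, admin_fixed):
        resp, leaked = check(handler, {})  # {} is an anonymous session
        print(handler.__name__, resp.status, "leaks" if leaked else "clean")
```

The same assertion, that any 3xx answer to an unauthenticated request has an empty body and no side effects, fits naturally into an integration test suite run after applying the vendor update.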
