[MEDIUM] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts

PKSA-hcgt-shnk-cwhj CVE-2024-21667 GHSA-g273-wppx-82w4

Affected package: pimcore/customer-management-framework-bundle

Affected version: <4.0.6

Reported by:
GitHub