Security Advisories - PKSA-xc2p-nr46-tjxw - Packagist.org

PKSA-xc2p-nr46-tjxw Security Advisory

[HIGH] CI4MS: Account Deletion Module Grants Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)

PKSA-xc2p-nr46-tjxw CVE-2026-34570 GHSA-4vxv-4xq4-p84h

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.28.6.0

Reported by:
GitHub