[MEDIUM] Kirby is missing permission checks in the content changes API

PKSA-yfpp-rndk-cm9x CVE-2026-21896 GHSA-4j78-4xrm-cr2f

Affected package: getkirby/cms

Affected version: >=5.0.0,<=5.2.1

Reported by:
GitHub