CVE-2026-24732
Improper permission checks in Extension:NSFileRepo
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice (Extension:NSFileRepo modules) allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This issue affects BlueSpice: from 5.1 through 5.1.3, from 5.2 through 5.2.0. HINT: Versions provided apply to BlueSpice MediaWiki releases. For Extension:NSFileRepo the affected versions are 3.0 < 3.0.5
| CWE | CWE-552 CWE-732 |
| Vendor | hallo welt! gmbh |
| Product | bluespice |
| Published | Mar 4, 2026 |
| Last Updated | Mar 4, 2026 |
Stay Ahead of the Next One
Get instant alerts for hallo welt! gmbh bluespice
Be the first to know when new unknown vulnerabilities affecting hallo welt! gmbh bluespice are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Hallo Welt! GmbH / BlueSpice
5.1 ≤ 5.1.3 5.2 ≤ 5.2.0