What is GHSA-gg2r-86qc-9w57?

GHSA-gg2r-86qc-9w57 is a security advisory published by GitHub Security Advisories with Critical severity. Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain...

Which CVE IDs does GHSA-gg2r-86qc-9w57 cover?

GHSA-gg2r-86qc-9w57 covers the following CVE IDs: CVE-2026-4320. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-gg2r-86qc-9w57Critical

Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain...

Vendor

GitHub Security Advisories

Published

May 18, 2026

Last Modified

May 18, 2026

🔗 CVE IDs covered (1)

CVE-2026-4320 →

📋 Description

Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain unauthorized access to protected features by manipulating the HTTP redirect headers of the login process, causing the script to continue running and enabling privilege escalation without the need for credentials.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-4320
https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-icms-content-management-creartia-internet-consulting
https://github.com/advisories/GHSA-gg2r-86qc-9w57