This vulnerability in ContentMX Content Publisher arises from missing authorization checks, enabling attackers with limited privileges to exploit improperly configured access control mechanisms. The issue affects versions up to and including 1.0.6. According to the CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L), the attack can be performed remotely over the network with low attack complexity and requires low privileges without user interaction. The impact is limited to integrity and availability, with no confidentiality impact. No vendor advisory or patch information is currently available.

Exploitation of this vulnerability could allow an attacker with low privileges to perform unauthorized actions that affect the integrity and availability of the ContentMX Content Publisher system. Confidential data disclosure is not impacted. There are no known exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, review and tighten access control configurations to ensure proper authorization enforcement. Monitor for updates from ContentMX regarding patches or official mitigations.