Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2021-26600
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).
Base Score