Описание
Magento Open Source affected by Improper Input Validation
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to leak another user's data. Exploitation of this issue does not require user interaction.
Пакеты
magento/community-edition
= 2.4.6
Отсутствует
magento/community-edition
>= 2.4.5-p1, < 2.4.5-p3
2.4.5-p3
magento/community-edition
>= 2.4.4-p1, < 2.4.4-p4
2.4.5-p4
magento/community-edition
= 2.4.4
Отсутствует
magento/community-edition
= 2.4.5
Отсутствует
magento/project-community-edition
<= 2.0.2
Отсутствует
Связанные уязвимости
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to leak another user's data. Exploitation of this issue does not require user interaction.
Уязвимость программной платформы для разработки и управления онлайн магазинами Magento Commerce, связанная с неправильной авторизацией, позволяющая нарушителю обойти существующие ограничения безопасности