Количество 2
Количество 2
CVE-2019-7872
An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorizations checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing user details.
GHSA-pfxv-66r9-4gqw
Magento Insufficient authorization check when adding users to company accounts
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7872 An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorizations checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing user details. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| GHSA-pfxv-66r9-4gqw Magento Insufficient authorization check when adding users to company accounts | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу