Количество 2
Количество 2
CVE-2019-7950
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidental information.
GHSA-2fhr-f6q6-c4p2
Magento 2 Community Edition Access Control Bypass
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7950 An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidental information. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| GHSA-2fhr-f6q6-c4p2 Magento 2 Community Edition Access Control Bypass | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу