Количество 2
Количество 2
CVE-2022-24742
Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content.
GHSA-7563-75j9-6h5p
Sensitive Information Exposure in Sylius
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-24742 Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content. | CVSS3: 5 | 0% Низкий | почти 4 года назад |
| GHSA-7563-75j9-6h5p Sensitive Information Exposure in Sylius | CVSS3: 5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу