CVE-2023-26366

🗓️ 13 Oct 2023 06:15:11Reported by adobeType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 81 Views

Adobe Commerce versions 2.4.7-beta1 and earlier affected by SSRF vulnerabilit

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-26366	13 Oct 202312:28	–	circl
CNNVD	Adobe Commerce Code Issues Vulnerabilities	13 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-26366 Validate Your Inputs \| Server-Side Request Forgery (SSRF) (CWE-918)	13 Oct 202306:15	–	cvelist
EUVD	EUVD-2023-30186	3 Oct 202520:07	–	euvd
Github Security Blog	Magento Open Source allows Server-Side Request Forgery (SSRF)	13 Oct 202309:30	–	github
NVD	CVE-2023-26366	13 Oct 202307:15	–	nvd
OSV	GHSA-8JXC-5F94-22VH Magento Open Source allows Server-Side Request Forgery (SSRF)	13 Oct 202309:30	–	osv
Prion	Server side request forgery (ssrf)	13 Oct 202307:15	–	prion
Snyk	Server-side Request Forgery (SSRF)	13 Oct 202309:30	–	snyk
Snyk	Server-side Request Forgery (SSRF)	13 Oct 202309:30	–	snyk

NVD

Vulners

Node

adobe commerceMatch2.3.7-

adobe commerceMatch2.3.7p1

adobe commerceMatch2.3.7p2

adobe commerceMatch2.3.7p3

adobe commerceMatch2.3.7p4

adobe commerceMatch2.3.7p4-ext1

adobe commerceMatch2.3.7p4-ext2

adobe commerceMatch2.3.7p4-ext3

adobe commerceMatch2.3.7p4-ext4

adobe commerceMatch2.4.0-

adobe commerceMatch2.4.0ext-1

adobe commerceMatch2.4.0ext-2

adobe commerceMatch2.4.0ext-3

adobe commerceMatch2.4.0ext-4

adobe commerceMatch2.4.1-

adobe commerceMatch2.4.1ext-1

adobe commerceMatch2.4.1ext-2

adobe commerceMatch2.4.1ext-3

adobe commerceMatch2.4.1ext-4

adobe commerceMatch2.4.2-

adobe commerceMatch2.4.2ext-1

adobe commerceMatch2.4.2ext-2

adobe commerceMatch2.4.2ext-3

adobe commerceMatch2.4.2ext-4

adobe commerceMatch2.4.3-

adobe commerceMatch2.4.3ext-1

adobe commerceMatch2.4.3ext-2

adobe commerceMatch2.4.3ext-3

adobe commerceMatch2.4.3ext-4

adobe commerceMatch2.4.4-

adobe commerceMatch2.4.4p1

adobe commerceMatch2.4.4p2

adobe commerceMatch2.4.4p3

adobe commerceMatch2.4.4p4

adobe commerceMatch2.4.4p5

adobe commerceMatch2.4.5-

adobe commerceMatch2.4.5p1

adobe commerceMatch2.4.5p2

adobe commerceMatch2.4.5p3

adobe commerceMatch2.4.5p4

adobe commerceMatch2.4.5p5

adobe commerceMatch2.4.6-

adobe commerceMatch2.4.6p1

adobe commerceMatch2.4.6p2

adobe commerceMatch2.4.7b1

adobe magentoMatch2.4.4-open_source

adobe magentoMatch2.4.4p1open_source

adobe magentoMatch2.4.4p2open_source

adobe magentoMatch2.4.4p3open_source

adobe magentoMatch2.4.5-open_source

adobe magentoMatch2.4.5p1open_source

adobe magentoMatch2.4.5p2open_source

adobe magentoMatch2.4.5p3open_source

adobe magentoMatch2.4.5p4open_source

adobe magentoMatch2.4.6-open_source

adobe magentoMatch2.4.6p1open_source

adobe magentoMatch2.4.6p2open_source

adobe magentoMatch2.4.7b1open_source

[
  {
    "defaultStatus": "affected",
    "product": "Adobe Commerce",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "2.4.7-beta1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/magento/apsb23-50.html

21 Nov 2024 07:51Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.8

EPSS0.00355

SSVC

CWE-918