Lucene search
AdobeCVELIST:CVE-2019-8112HistoryNov 05, 2019 - 10:19 p.m.
CVE-2019-8112
2019-11-0522:19:37
adobe
www.cve.org
A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new user creation.
CNA Affected
[
{
"product": "Magento 2",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "Magento 2.2 prior to 2.2.10"
},
{
"status": "affected",
"version": "Magento 2.3 prior to 2.3.3 or 2.3.2-p1"
}
]
}
]Related
cve
cve
CVE-2019-8112
2019-11-05 23:15:11
osv
osv
Magento 2 Community Edition Security Bypass
2022-05-24 17:00:24
CVE-2019-8112
2019-11-05 23:15:11
nvd
nvd
CVE-2019-8112
2019-11-05 23:15:11
friendsofphp
friendsofphp
PRODSECBUG-2465: Bypass of user confirmation mechanism
2019-10-08 00:00:00
github
github
Magento 2 Community Edition Security Bypass
2022-05-24 17:00:24
prion
prion
Security feature bypass
2019-11-05 23:15:00
openvas
openvas