Lucene search
AdobeCVELIST:CVE-2020-24403HistoryOct 01, 2020 - 12:00 a.m.
CVE-2020-24403 Incorrect permissions could lead to unauthorized modification of inventory source data via REST API
2020-10-0100:00:00
CWE-285
adobe
raw.githubusercontent.com
1
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API.
Related
prion
prion
Spoofing
2020-11-09 01:15:00
osv
osv
BIT-magento-2020-24403
2024-03-06 11:08:04
CVE-2020-24403
2020-11-09 01:15:12
cve
cve
CVE-2020-24403
2020-11-09 01:15:00
github
github
adobe
adobe
APSB20-59 Security updates available for Magento
2020-10-15 00:00:00
threatpost
threatpost
Critical Magento Holes Open Online Shops to Code Execution
2020-10-15 20:59:30
openvas
openvas
Magento < 2.3.6, 2.4.x < 2.4.1 Multiple Vulnerabilities (APSB20-59)
2020-10-23 00:00:00