3 matches found
CVE-2021-21027
creationtimestamp| type| source ---|---|--- 2021-02-11 22:47:53+00:00| seen| https://t.me/cibsecurity/23476...
CVE-2021-21027 Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the...
CVE-2021-21027
CVE-2021-21027 is a Magento CSRF vulnerability affecting Magento Open Source/Commerce 2.x (2.4.1 and earlier, 2.4.0-p1 and earlier, 2.3.6 and earlier). It allows an unauthenticated attacker to trigger cross-site request forgery via the GraphQL API, potentially modifying customer metadata without ...