5 matches found
Object Injection
ezsystems/ezpublish-legacy is vulnerable to Object Injection. The vulnerability due to in the Legacy Shop module which allows an attacker with backend editor privileges to manipulate the discount rule settings...
GHSA-39J2-4P9J-5W4J Ez Platform Object Injection in legacy shop module
This Security Advisory is about a vulnerability in the Legacy shop module. A backend editor could perform object injection in discount rules. This would require backend access and permission to edit discount rules. While object injection in itself is a serious vulnerability, the permission...
Ez Platform Object Injection in legacy shop module
This Security Advisory is about a vulnerability in the Legacy shop module. A backend editor could perform object injection in discount rules. This would require backend access and permission to edit discount rules. While object injection in itself is a serious vulnerability, the permission...
PT-2024-40043 · Unknown · Legacy Shop Module
Name of the Vulnerable Software and Affected Versions: Legacy shop module affected versions not specified Description: The issue concerns a vulnerability in the Legacy shop module where a backend editor can perform object injection in discount rules. This requires backend access and permission to...
IBEXA-SA-2020-006 Object Injection in legacy shop module
More info at https://ezplatform.com/security-advisories/ibexa-sa-2020-006-object-injection-in-legacy-shop-module...