3 matches found
CVE-2019-7890
An Insecure Direct Object Reference IDOR vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details...
CVE-2019-7890
An Insecure Direct Object Reference IDOR vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details...
CVE-2019-7890
CVE-2019-7890 is an IDOR in Magento’s order processing workflow affecting 2.1.x before 2.1.18, 2.2 before 2.2.9, and 2.3 before 2.3.2. This could allow unauthorized access to order details. The NVD/Red Hat/OSV entries confirm a high-severity, network-exposed vulnerability with no required user pr...