CVE-2020-15243
CVE-2020-15243 affects Smartstore 4.0.0 and 4.0.1 with the Web API plugin installed and activated, where a missing WebApi Authentication attribute creates a vulnerability. The recommended remediations are to merge the 4.0.x branch (or overwrite the SmartStore.Web.Framework in the deployed shop’s ...