CVE-2020-24404
Summary (CVE-2020-24404): Magento Open Source platforms 2.4.0 and 2.3.5p1 (and earlier) have an incorrect permissions vulnerability in the Integrations component. It can be exploited by users who have Pages resource permissions to delete CMS pages via the REST API without authorization, exposing ...