2 matches found
CVE-2020-24405
CVE-2020-24405 affects Magento Open Source (Magento) 2.4.0 and 2.3.5p1 (and earlier) in the Inventory module. The root cause described across connected sources is an incorrect permissions issue that could allow an authenticated user to modify inventory stock data without authorization. The availa...
CVE-2020-24405 Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data
Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization...