CVE-2020-26809
SAP Commerce Cloud (versions 1808, 1811, 1905, 2005) is affected by CVE-2020-26809 where an attacker can bypass authentication/permission checks via the /medias endpoint, gaining access to Secure Media folders and potentially exposing sensitive data. The root cause is not fully detailed beyond th...