2 matches found
CVE-2020-36126
Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation. PAXSTORE marketplace endpoints allow an authenticated user to read and write data not owned by them, including third-party users, application and payment...
CVE-2020-36126
PAX Technology PAXSTORE v7.0.8_20200511171508 and earlier versions are affected by an incorrect access control vulnerability that enables authenticated users to read/write data they do not own, potentially impersonating other users and causing unauthorized disclosure, modification, or destruction...