2 matches found
CVE-2021-28563
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by an Improper Authorization vulnerability via the 'Create Customer' endpoint. Successful exploitation could lead to unauthorized modification of customer data by an unauthenticated attacker. Access to...
CVE-2021-28563
Magento Commerce/Open Source prior to 2.4.3 (specifically 2.4.2 and earlier, 2.4.1-p1 and earlier, 2.3.6-p1 and earlier) is affected by an Improper Authorization vulnerability via the Create Customer endpoint. An unauthenticated attacker could cause unauthorized modification of customer data, wit...