3 matches found
CVE-2021-36032
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the V1/customers/me endpoint to achieve information exposure and privile...
CVE-2021-36032 Magento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the V1/customers/me endpoint to achieve information exposure and privile...
CVE-2021-36032
Magento Commerce is affected by CVE-2021-36032, an improper input validation vulnerability leading to an insecure direct object reference in the V1/customers/me endpoint. The issue allows an authenticated attacker to access information and escalate privileges within Magento Commerce versions 2.4....