2 matches found
CVE-2021-36039 Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability via the quoteId parameter. An attacker can abuse this vulnerability to disclose sensitive information...
CVE-2021-36039
CVE-2021-36039 affects Magento Commerce: improper input validation via the quoteId parameter can lead to information disclosure. Affected: Magento Commerce editions 2.4.2 and earlier, 2.4.2-p1 and earlier, and 2.3.7 and earlier. The vulnerability is described as allowing an attacker to disclose s...