2 matches found
CVE-2023-26366
CVE-2023-26366 affects Adobe Commerce/Magento Open Source in versions 2.4.4-p5 through 2.4.7-beta1 and earlier. The issue is Server-Side Request Forgery (SSRF) that lets an authenticated, high-privilege attacker cause the application to read arbitrary files by injecting arbitrary URLs; exploitati...
CVE-2023-26366 Validate Your Inputs | Server-Side Request Forgery (SSRF) (CWE-918)
Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application t...