2 matches found
CVE-2023-29288
Adobe Commerce (Magento) 2.x up to 2.4.6 (and earlier 2.4.5-p2, 2.4.4-p3) is affected by an Incorrect Authorization vulnerability (CWE-863) that could bypass a security feature and allow a privileged attacker to modify a minor portion of another user’s data. Exploitation does not require user int...
CVE-2023-29288 Adobe Commerce | Incorrect Authorization (CWE-863)
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerability to modify a minor functionality of another user...