3 matches found
CVE-2023-29291 Server Side Request Forgery (SSRF) in USPS carrier integration configuration
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests v...
CVE-2023-29291 Server Side Request Forgery (SSRF) in USPS carrier integration configuration
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests v...
CVE-2023-29291
Adobe Commerce (Magento) is affected by CVE-2023-29291: SSRF that can lead to arbitrary file-system reads. Affected versions include 2.4.6 and earlier, 2.4.5-p2 and earlier, 2.4.4-p3 and earlier. An admin-privilege authenticated attacker can force the application to make arbitrary requests via in...