3 matches found
CVE-2023-29294 Bypass Purchase Order Approval using Company User in Adobe Commerce B2B
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
CVE-2023-29294
Summary: CVE-2023-29294 affects Adobe Commerce (and Magento) versions 2.4.6 and earlier, 2.4.5-p2 and earlier, and 2.4.4-p3 and earlier. It is described as a business logic error that could allow a low-privilege attacker to bypass a security feature without user interaction. The CVE entry cites a...
CVE-2023-29294 Bypass Purchase Order Approval using Company User in Adobe Commerce B2B
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...