3 matches found
CVE-2023-29295 Insecure Direct Object Reference (IDOR) in Create Quote Function
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitati...
CVE-2023-29295 Insecure Direct Object Reference (IDOR) in Create Quote Function
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitati...
CVE-2023-29295
Adobe Commerce CVE-2023-29295 describes an Incorrect Authorization vulnerability affecting 2.4.6 and earlier (including 2.4.5-p2, 2.4.4-p3) that could let a low-privilege attacker bypass a security feature without user interaction. The issue stems from an authorization flaw in the Create Quote fl...