3 matches found
CVE-2023-29296 [Cloud] Customer suspects IDOR vulnerability
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to modify a minor functionality of another...
CVE-2023-29296 [Cloud] Customer suspects IDOR vulnerability
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to modify a minor functionality of another...
CVE-2023-29296
Adobe Commerce is affected by an Incorrect Authorization vulnerability (CVE-2023-29296) impacting 2.4.6 and earlier (including 2.4.5-p2, 2.4.4-p3). A low-privilege attacker could bypass security features and modify a minor portion of another user’s data without user interaction. No exploitation d...