5 matches found
Object Injection
ezsystems/ezpublish-legacy is vulnerable to Object Injection. The vulnerability due to in the Legacy Shop module which allows an attacker with backend editor privileges to manipulate the discount rule settings...
Ez Platform Object Injection in legacy shop module
This Security Advisory is about a vulnerability in the Legacy shop module. A backend editor could perform object injection in discount rules. This would require backend access and permission to edit discount rules. While object injection in itself is a serious vulnerability, the permission...
GHSA-39J2-4P9J-5W4J Ez Platform Object Injection in legacy shop module
This Security Advisory is about a vulnerability in the Legacy shop module. A backend editor could perform object injection in discount rules. This would require backend access and permission to edit discount rules. While object injection in itself is a serious vulnerability, the permission...
PT-2024-40043 · Unknown · Legacy Shop Module
Name of the Vulnerable Software and Affected Versions: Legacy shop module affected versions not specified Description: The issue concerns a vulnerability in the Legacy shop module where a backend editor can perform object injection in discount rules. This requires backend access and permission to...
IBEXA-SA-2020-006 Object Injection in legacy shop module
More info at https://ezplatform.com/security-advisories/ibexa-sa-2020-006-object-injection-in-legacy-shop-module...