11 matches found
CVE-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
BIT-MAGENTO-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
Magento authorization bypass vulnerability
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
GHSA-8WM7-H2QH-FF4C Magento authorization bypass vulnerability
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
TikTok: Create product discounts of any shop
An Insecure Direct Object Reference IDOR vulnerability was found on a TikTok seller endpoint, which could have resulted in any user to create product discounts for shops they did not own. We thank @datph4m for reporting this to our team...
Authorization Bypass
magento/community-edition is vulnerable to authorization bypass. The application allows an attacker to create unauthorized product discounts upon successful exploitation of the vulnerability...
CVE-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
CVE-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
CVE-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...
CVE-2020-9587
CVE-2020-9587 corresponds to an authorization bypass vulnerability in Adobe Magento. According to the connected records, affected Magento versions are 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier. Successful exploitation could lead to unauthorize...
Magento Multiple Vulnerabilities (APSB20-22)
Magento is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...