4 matches found
GHSA-3G7M-G8QM-X6J5 Magento discloses sensitive information
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability via the quoteId parameter. An attacker can abuse this vulnerability to disclose sensitive information...
Magento discloses sensitive information
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability via the quoteId parameter. An attacker can abuse this vulnerability to disclose sensitive information...
Input validation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability via the quoteId parameter. An attacker can abuse this vulnerability to disclose sensitive information...
CVE-2021-36039 Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability via the quoteId parameter. An attacker can abuse this vulnerability to disclose sensitive information...