magento/community-edition is vulnerable to authorization bypass. The application allows an attacker to create unauthorized product discounts upon successful exploitation of the vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
magento/community-edition | eq | 2.3.5 | |
magento/community-edition | le | 2.3.4 |