0.0005 Low
EPSS
Percentile
17.6%
sylius/sylius suffers from a lack of e-mail verification. A registered and verified user in a shop is able to change it to another e-mail, without the need to re-verify on the new e-mail address.
github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf
github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499