sylius/sylius is vulnerable to information disclosure. Remote unauthenticated attackers are able to view the user data if browser tab remains unclosed after log out, resulting in disclosure of sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
sylius/sylius | le | v1.10.10 | |
sylius/sylius | le | v1.11.1 | |
sylius/sylius | le | v1.9.9 | |
sylius/sylius | le | v1.10.10 | |
sylius/sylius | le | v1.11.1 | |
sylius/sylius | le | v1.9.9 |
github.com/Sylius/Sylius/commit/253f66b9abfc9897d343153e18d516c6364cfe13
github.com/Sylius/Sylius/pull/13765
github.com/Sylius/Sylius/releases/tag/v1.10.11
github.com/Sylius/Sylius/releases/tag/v1.11.2
github.com/Sylius/Sylius/releases/tag/v1.9.10
github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p