Page 8 of 71 results (0.024 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-285: Improper Authorization •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-285: Improper Authorization •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-284: Improper Access Control •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and perform a minor integrity change. Exploitation of this issue does not require user interaction. • https://helpx.adobe.com/security/products/magento/apsb24-61.html • CWE-285: Improper Authorization •