Total vulnerabilities in the database
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account detials. Exploitation of this issue does not require user interaction.
Software | From | Fixed in |
---|---|---|
adobe / commerce | 2.4.0 | 2.4.4 |
adobe / magento_commerce | 2.3.7 | 2.3.7.x |
adobe / magento_commerce | 2.3.7-p1 | 2.3.7-p1.x |
adobe / magento_commerce | 2.3.7-p2 | 2.3.7-p2.x |
adobe / magento_commerce | 2.3.7-p3 | 2.3.7-p3.x |
adobe / magento_commerce | 2.4.4 | 2.4.4.x |
adobe / magento_commerce | 2.4.3 | 2.4.3.x |
adobe / magento_commerce | 2.4.3-p2 | 2.4.3-p2.x |
adobe / magento_commerce | 2.4.3-p1 | 2.4.3-p1.x |