Security Advisory

CVE-2019-7864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-02 21:14:48

Last updated 2024-08-04 21:02:19

Assigner adobe

State PUBLISHED

Description

An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.

← Browse all CVEs View on cve.org ↗