Security Advisory

CVE-2020-24401

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-09 00:39:29

Last updated 2024-09-16 19:51:22

Assigner adobe

State PUBLISHED

Description

Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the users account.

← Browse all CVEs View on cve.org ↗