Security Advisory

CVE-2021-21012

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-13 22:35:38
Last updated 2024-09-16 17:33:28
Assigner adobe
State PUBLISHED

Description

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure.