Security Advisory

CVE-2021-28567

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-08 16:19:57

Last updated 2024-09-17 02:26:51

Assigner adobe

State PUBLISHED

Description

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. Successful exploitation could allow a low-privileged user to modify customer data. Access to the admin console is required for successful exploitation.

← Browse all CVEs View on cve.org ↗