Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
saleor saleor vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-7964
An issue exists in Mirumee Saleor 2.x prior to 2.9.1. Incorrect access control in the checkoutCustomerAttach mutations allows malicious users to attach their checkouts to any user ID and consequently leak user data (e.g., name, address, and previous orders of any other customer).
Mirumee Saleor
5.3
CVSSv3
CVE-2019-1010304
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is:...
Mirumee Saleor
8.8
CVSSv3
CVE-2019-13594
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed malicious users to send a POST request without a valid CSRF token and be accepted by the server.
Mirumee Saleor 2.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2