Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
saleor saleor vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-7964
An issue exists in Mirumee Saleor 2.x prior to 2.9.1. Incorrect access control in the checkoutCustomerAttach mutations allows malicious users to attach their checkouts to any user ID and consequently leak user data (e.g., name, address, and previous orders of any other customer).
Mirumee Saleor
5.3
CVSSv3
CVE-2019-1010304
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is:...
Mirumee Saleor
8.8
CVSSv3
CVE-2019-13594
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed malicious users to send a POST request without a valid CSRF token and be accepted by the server.
Mirumee Saleor 2.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2