Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
saleor saleor vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-7964
An issue exists in Mirumee Saleor 2.x prior to 2.9.1. Incorrect access control in the checkoutCustomerAttach mutations allows malicious users to attach their checkouts to any user ID and consequently leak user data (e.g., name, address, and previous orders of any other customer).
Mirumee Saleor
5
CVSSv2
CVE-2019-1010304
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is:...
Mirumee Saleor
6.8
CVSSv2
CVE-2019-13594
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed malicious users to send a POST request without a valid CSRF token and be accepted by the server.
Mirumee Saleor 2.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2