5.3
CVSSv3

CVE-2021-21012

CVSSv4: NA | CVSSv3: 5.3 | CVSSv2: 4.3 | VMScore: 630 | EPSS: 0.00329 | KEV: Not Included
Published: 13/01/2021 Updated: 21/11/2024

Vulnerability Summary

Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe magento commerce

adobe magento commerce 2.4.0

adobe magento commerce 2.4.1

adobe magento open source

adobe magento open source 2.4.0

adobe magento open source 2.4.1