Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2022-24742

Published: 14/03/2022 Updated: 30/06/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Sylius

Vulnerability Summary

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sylius sylius

References

CWE-668https://github.com/Sylius/Sylius/releases/tag/v1.11.2https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5phttps://github.com/Sylius/Sylius/releases/tag/v1.9.10https://github.com/Sylius/Sylius/releases/tag/v1.10.11https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook