7.5
CVSSv3

CVE-2023-22248

CVSSv4: NA | CVSSv3: 7.5 | CVSSv2: NA | VMScore: 850 | EPSS: 0.00067 | KEV: Not Included
Published: 15/06/2023 Updated: 21/11/2024

Vulnerability Summary

Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to leak another user's data. Exploitation of this issue does not require user interaction.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe commerce 2.3.7

adobe commerce 2.4.0

adobe commerce 2.4.1

adobe commerce 2.4.2

adobe commerce 2.4.3

adobe commerce 2.4.4

adobe commerce 2.4.5

adobe commerce 2.4.6

adobe magento 2.4.4

adobe magento 2.4.5

adobe magento 2.4.6