Medium severity6.5NVD Advisory· Published Sep 14, 2017· Updated May 13, 2026

CVE-2017-13761

Description

The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
fastly/magento2Packagist	< 1.2.26	1.2.26

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-vpq9-c67q-23fqghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2017-13761ghsaADVISORY
www.fastly.com/security-advisories/vulnerability-fastly-open-source-cdn-module-intended-be-integrated-magento2nvdVendor AdvisoryWEB

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000