Unrated severityNVD Advisory· Published Oct 29, 2019· Updated Aug 4, 2024
CVE-2019-8235
CVE-2019-8235
Description
An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation of user controlled input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2.3 prior to 2.3.1
Patches
Vulnerability mechanics
References
1- magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-updatemitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.