15 Oct 2021
Vulnérabilité CVE-2021-39864 CVE Vulnerability
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. (CVSS:0.0) (Last Update:2021-10-15)
Vulnerability Details : Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. Publish Date : 2021-10-15 Last Update Date : 2021-10-15 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-39864
- References For CVE-2021-39864
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-39864There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |