oro/customer-portal Security Advisories for 5.0.11 (1)
-
[MEDIUM] Storefront user can access history and most viewed data from matching back-office user with the same ID
PKSA-xms8-dtv5-ztwd CVE-2023-48296 GHSA-v7px-46v9-5qwp
Affected version: >=5.1.0,<=5.1.3|>=5.0.0,<=5.0.11|>=4.2.0,<=4.2.10|>=4.1.0,<=4.1.13
Reported by:
GitHub