BIT-magento-2020-15151
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/magento/BIT-magento-2020-15151.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-magento-2020-15151
- Aliases
- Published
- 2024-03-06T11:08:48.067Z
- Modified
- 2024-03-06T11:25:28.861Z
- Summary
- [none]
- Details
-
OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the
fromkey protectionin the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2. - Database specific
{ "cpes": [ "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*" ], "severity": "High" }- References
Affected packages
Bitnami / magento
Package
- Name
- magento
- Purl
- pkg:bitnami/magento
Severity
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N CVSS Calculator