CVE-2020-15151
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-15151
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15151.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-15151
- Aliases
- Withdrawn
- 2024-09-03T02:56:41.981343Z
- Published
- 2020-08-20T01:17:12Z
- Modified
- 2024-09-02T01:09:16.072098Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the
fromkey protectionin the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2. - References
Affected packages
Git / github.com/openmage/magento-lts
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openmage/magento-lts
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.2.0
1.2.0.1
1.2.0.2
1.2.0.3
1.2.1
1.2.1.1
1.2.1.2
1.3.0
1.3.1
1.3.1.1
1.3.2
1.3.2.1
1.3.2.2
1.3.2.3
1.3.2.4
1.4.0.0
1.4.0.0-alpha1
1.4.0.0-alpha2
1.4.0.0-alpha3
1.4.0.0-beta1
1.4.0.0-rc1
1.4.0.1
1.4.1.0
1.4.1.1
1.4.2.0
1.5.0.0
1.5.0.0-alpha1
1.5.0.0-alpha2
1.5.0.0-beta1
1.5.0.0-beta2
1.5.0.0-rc1
1.5.0.0-rc2
1.5.0.1
1.5.1.0
1.6.0.0
1.6.0.0-alpha1
1.6.0.0-beta1
1.6.0.0-rc1
1.6.0.0-rc2
1.6.1.0
1.6.1.0-alpha1
1.6.1.0-beta1
1.6.1.0-rc1
1.7.0.0
1.7.0.0-alpha1
1.7.0.0-beta1
1.7.0.0-rc1
1.7.0.1
1.7.0.2
1.8.1.0
1.9.0.0
1.9.0.1
1.9.1.0-lts
1.9.1.1
1.9.2.3
1.9.3.0
1.9.3.1
v19.*
v19.4.0
v19.4.1
v19.4.2
v19.4.3
v19.4.4
v19.4.5