CVE-2020-24400

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-24400

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24400.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-24400

Aliases

Published

2020-11-09T01:15:12Z

Modified

2024-09-03T03:24:31.580158Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N CVSS Calculator

Summary

[none]

Details

Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the database.

References

https://helpx.adobe.com/security/products/magento/apsb20-59.html

Affected packages

Git / github.com/magento/devdocs

Affected ranges

Type: GIT
Repo: https://github.com/magento/devdocs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b69fab3da87a1536e1a583e51c8115e3f843609b

Type: GIT
Repo: https://github.com/magento/magento2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

dcc962efc5ad12717c6eac0f10cf822780dd3f4a

Affected versions

0.*

0.1.0-alpha100

0.1.0-alpha101

0.1.0-alpha102

0.1.0-alpha103

0.1.0-alpha104

0.1.0-alpha105

0.1.0-alpha106

0.1.0-alpha107

0.1.0-alpha108

0.1.0-alpha89

0.1.0-alpha90

0.1.0-alpha91

0.1.0-alpha92

0.1.0-alpha93

0.1.0-alpha94

0.1.0-alpha95

0.1.0-alpha96

0.1.0-alpha97

0.1.0-alpha98

0.1.0-alpha99

0.42.0-beta1

0.42.0-beta10

0.42.0-beta11

0.42.0-beta2

0.42.0-beta3

0.42.0-beta4

0.42.0-beta5

0.42.0-beta6

0.42.0-beta7

0.42.0-beta8

0.42.0-beta9

0.74.0-beta1

0.74.0-beta10

0.74.0-beta11

0.74.0-beta12

0.74.0-beta13

0.74.0-beta14

0.74.0-beta15

0.74.0-beta16

0.74.0-beta2

0.74.0-beta3

0.74.0-beta4

0.74.0-beta5

0.74.0-beta6

0.74.0-beta7

0.74.0-beta8

0.74.0-beta9

1.*

1.0.0-beta

2.*

2.0.0

2.0.0-rc

2.0.0-rc2

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.8

2.0.9

2.1.0

2.1.0-rc1

2.1.0-rc2

2.1.0-rc3

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.2.0

2.2.0-RC1.1

2.2.0-RC1.2

2.2.0-RC1.3

2.2.0-RC1.4

2.2.0-RC1.5

2.2.0-RC1.6

2.2.0-RC1.8

2.2.0-rc2.0

2.2.0-rc2.1

2.2.0-rc2.2

2.2.0-rc2.3

2.2.0-rc3.0

2.2.1

2.2.10

2.2.11

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.2

2.3.2-p1

2.3.3

2.3.3-p1

2.3.4