CVE-2021-36030

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-36030
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-36030.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-36030
Published
2021-09-01T15:15:09Z
Modified
2024-06-13T07:29:39.182614Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.

References

Affected packages

Git / github.com/magento/magento2

Affected versions

2.*

2.3.0
2.3.1
2.3.2
2.3.3
2.3.4
2.3.5
2.3.6
2.3.7
2.4.0
2.4.1
2.4.2