GHSA-w3mq-67mw-3p9f
Suggest an improvement- Source
- https://github.com/advisories/GHSA-w3mq-67mw-3p9f
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w3mq-67mw-3p9f/GHSA-w3mq-67mw-3p9f.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-w3mq-67mw-3p9f
- Aliases
- Published
- 2022-05-14T03:46:39Z
- Modified
- 2024-02-16T08:12:33.726434Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- Magento Cross-Site Request Forgery (CSRF)
- Details
-
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.
- Database specific
{ "nvd_published_at": "2018-01-08T22:29:00Z", "cwe_ids": [ "CWE-352" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-01-11T18:45:58Z" }- References
Affected packages
Packagist / magento/community-edition
Package
- Name
- magento/community-edition
- Purl
- pkg:composer/magento/community-edition
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.0.10
Affected versions
0.*
0.1.0-alpha89
0.1.0-alpha90
0.1.0-alpha91
0.1.0-alpha92
0.1.0-alpha93
0.1.0-alpha94
0.1.0-alpha95
0.1.0-alpha96
0.1.0-alpha97
0.1.0-alpha98
0.1.0-alpha99
0.1.0-alpha100
0.1.0-alpha101
0.1.0-alpha102
0.1.0-alpha103
0.1.0-alpha104
0.1.0-alpha105
0.1.0-alpha106
0.1.0-alpha107
0.1.0-alpha108
0.42.0-beta1
0.42.0-beta2
0.42.0-beta3
0.42.0-beta4
0.42.0-beta5
0.42.0-beta6
0.42.0-beta7
0.42.0-beta8
0.42.0-beta9
0.42.0-beta10
0.42.0-beta11
0.74.0-beta1
0.74.0-beta2
0.74.0-beta3
0.74.0-beta4
0.74.0-beta5
0.74.0-beta6
0.74.0-beta7
0.74.0-beta8
0.74.0-beta9
0.74.0-beta10
0.74.0-beta11
0.74.0-beta12
0.74.0-beta13
0.74.0-beta14
0.74.0-beta15
0.74.0-beta16
1.*
1.0.0-beta
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-beta5
1.0.0-beta6
2.*
2.0.0-rc
2.0.0-rc2
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
Packagist / magento/community-edition
Package
- Name
- magento/community-edition
- Purl
- pkg:composer/magento/community-edition