漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Magento Commerce Insecure Direct Object Reference Could Lead To Information Disclosure
Vulnerability Description
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure and update arbitrary information on another user's account.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Adobe Bridge 缓冲区错误漏洞
Vulnerability Description
Adobe Bridge是美国奥多比(Adobe)公司的一款文件查看器。 Adobe Bridge 存在缓冲区错误漏洞,攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A