漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Adobe Commerce Improper Access Control Security feature bypass
Vulnerability Description
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account detials. Exploitation of this issue does not require user interaction.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Adobe Commerce 安全漏洞
Vulnerability Description
Adobe Commerce是美国Adobe公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在安全漏洞,该漏洞源于其不恰当的访问控制可能导致攻击者绕过安全保护泄露其他用户帐户详细信息的次要信息。执行此攻击不需要用户交互。以下版本受到影响:2.4.3-p2及以前的版本、2.3.7-p3及以前的版本和2.4.4及以前的版本。
CVSS Information
N/A
Vulnerability Type
N/A