CVE-2020-24403
Improper Authorization in packagist/magento/community-edition
Identifiers
CVE-2020-24403
Package Slug
packagist/magento/community-edition
Vulnerability
Improper Authorization
Description
Magento This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API.
Affected Versions
All versions before 2.3.6, version 2.4.0
Solution
Upgrade to versions 2.3.6, 2.4.1 or above.
Last Modified
2020-11-15
| source |