CVE-2020-24405
packagist/magento/community-edition
Improper Authorization
Magento This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
All versions before 2.3.6, version 2.4.0
Upgrade to versions 2.3.6, 2.4.1 or above.
2020-11-15
source |