CVE-2020-24405

Improper Authorization in packagist/magento/community-edition

Identifier

CVE-2020-24405

Package Slug

packagist/magento/community-edition

Vulnerability

Improper Authorization

Description

Magento This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.

Affected Versions

All versions before 2.3.6, version 2.4.0

Solution

Upgrade to versions 2.3.6, 2.4.1 or above.

Last Modified

2020-11-15

source