CVE-2020-9630
packagist/magento/community-edition
Improper Privilege Management
Magento has a business logic error vulnerability. Successful exploitation could lead to privilege escalation.
All versions up to 1.9.4.4, all version starting from 1.14.4.0 up to 1.14.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4
Upgrade to versions 1.9.4.5, 1.14.4.5, 2.3.5 or above.
2020-07-02
source |