CVE-2020-15151: Information Exposure Through Discrepancy

August 20, 2020 (updated November 18, 2021)

Magento allows attackers to circumvent the fromkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks.

References

helpx.adobe.com/security/products/magento/apsb20-47.html
nvd.nist.gov/vuln/detail/CVE-2020-15151

Detect and mitigate CVE-2020-15151 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →