CVE-2020-24403: Improper Authorization

November 9, 2020 (updated November 12, 2020)

Magento This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API.

References

helpx.adobe.com/security/products/magento/apsb20-59.html
nvd.nist.gov/vuln/detail/CVE-2020-24403

Detect and mitigate CVE-2020-24403 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →