GHSA-g8pg-33v4-9r96: Thelia authentication bypass vulnerability
An authentication bypass was identifed in thelia/thelia project for customer and admin. This vulnerability is present from version 2.1.0-beta1 and is fixed in 2.1.3 and 2.2.0-alpha1.
References
- github.com/FriendsOfPHP/security-advisories/blob/master/thelia/thelia/2015-04-13-1.yaml
- github.com/advisories/GHSA-g8pg-33v4-9r96
- github.com/thelia/thelia
- github.com/thelia/thelia/commit/028cfcf507cd8685772e156ec0c860034d407094
- web.archive.org/web/20160502224630/http://thelia.net/version-2-1-3-with-security-fix
Detect and mitigate GHSA-g8pg-33v4-9r96 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →