← Back to CVE List

CVE-2019-7864

Published: 2019-08-02T22:15Z
Last Modified: 2024-11-21T04:48Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt