CVE-2019-7874

Published: 2019-08-02T22:15Z

Last Modified: 2024-11-21T04:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of user roles. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt