Description
A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2023-22044 Vulnerability (CVE-2023-22044)
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651)
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.4)
Oracle Database Server CVE-2013-3771 Vulnerability (CVE-2013-3771)