Description
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another administrator via a crafted http request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Fields Cross-Site Scripting (1.4.10)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.26)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3383)
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-21607)
WordPress Plugin WordPress Download Manager Arbitrary File Upload (2.8.97)