Description
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-3811 Vulnerability (CVE-2013-3811)
Oracle Database Server CVE-2008-1817 Vulnerability (CVE-2008-1817)
WordPress Plugin Access Expiration Cross-Site Scripting (1.1)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)
WordPress Plugin Pinterest Automatic Pin Security Bypass (4.14.3)