Description
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.
Remediation
References
Related Vulnerabilities
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)
WordPress Plugin WP Editor.md Cross-Site Scripting (1.6)
GlassFish CVE-2012-0104 Vulnerability (CVE-2012-0104)
WordPress Plugin GD bbPress Tools Cross-Site Scripting (1.7)
SharePoint Improper Input Validation Vulnerability (CVE-2019-0604)