Description
An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details.
Remediation
References
Related Vulnerabilities
Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)
PHP Improper Input Validation Vulnerability (CVE-2011-1398)
WordPress Plugin Enable Media Replace Unspecified Vulnerability (2.9.5)
Apache Tomcat Other Vulnerability (CVE-2008-0002)
Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)