Description
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2570 Vulnerability (CVE-2020-2570)
WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)
TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832)
Oracle JRE CVE-2013-5787 Vulnerability (CVE-2013-5787)
WordPress Plugin Availability Calendar Cross-Site Scripting (1.2.1)