Description
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.
Remediation
References
Related Vulnerabilities
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Multiple Vulnerabilities (3.3.0)
Oracle Database Server CVE-2011-0838 Vulnerability (CVE-2011-0838)
Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389)
WordPress Plugin All-in-One Video Gallery Local File Inclusion (2.4.9)