Filtered by vendor Pimcore Subscriptions
Filtered by product E-commerce Framework Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21665 1 Pimcore 1 E-commerce Framework 2024-11-21 4.3 Medium
ecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthorized user can access the back-office orders list and be able to query over the information returned. Access control and permissions are not being enforced. This vulnerability has been patched in version 1.0.10.